It’s the second decade of the 21st century, and information security is more vital than ever. The reason for this is simple: Pretty much all information is stored electronically, and the trend is unlikely to change. While you’re certainly aware of this, it’s worth remembering that this has never happened before in human history and we’re still writing the playbook on how to manage this change.
Many aspects of information digitization are positive, like greater accessibility and improved communications. If you were to go a few decades in the past and explain that you could send a vital technical document from Canada to Cameroon in less than a second, people would be blown away. They’d also be blown away if you were to tell them someone in Kyrgyzstan stole proprietary information from a Korean company with a few keystrokes.
Rather than being blown away, we’re keenly aware of just how delicate and valuable sensitive information can be. It’s our duty to keep ahead of the curve when it comes to information security — so we’re proud to announce we’ve achieved ISO/IEC 27001 certification.
If you’d like to know just what that means and why it matters, read on.
What is ISO/IEC 27001 certification?
Let’s get acronyms out of the way first. ISO stands for International Organization for Standardization, while IEC stands for International Electrotechnical Commission. The organizations combined to create the certification in question in 2005, and it has been updated multiple times since its inception.
The point of the certification is to have a rigorous and verifiable process through which digital information is secured. In other words, companies that have earned the certification aren’t just blowing smoke when they say they take security seriously — rather, they’ve proven it.
Getting certified is a three-step process, which includes continual compliance monitoring. Essentially, it means a company has permanently leveled up its security game. In total, there are 114 controls in 35 control categories that shape the standardized security protocol. Yes, that’s a lot, and it means no stone is left unturned.
What does ISO/IEC 27001 mean for our clients?
The whole point of this arduous process is simple: Clients can trust us with their data. Like many challenges, the concept is easy but the implementation is difficult. Putting a man on the moon is a straightforward idea, but actually doing it takes a bit of work. While protecting digital data isn’t rocket science, it is computer science. They’re both pretty complex (that’s an understatement, by the way) and require lots of specialization, foresight, and risk management.
For those curious, the specific qualification SmartDev received is the ISO 27001:2013 certification. You can read all about it here.
We take great pride in our work, and one of the most important things we can do is guarantee information security. That’s not an option — it’s a requirement for a software company that takes itself and its clients seriously. If that’s important to you, we might be the partner you’re looking for. Reach out to us for a quote or to learn more about how we can work with you. We’d love to hear from you.