Once again, the month of October is dedicated to cybersecurity. With this European campaign, the EU wants to inform companies and citizens about both digital threats and solutions.
At Appical, we take security and privacy extremely seriously, and it's paying off: we recently passed our ISO 27001 recertification with flying colors. The recertification is good news not only for us, but also for our customers. Read on to find out why.
What is ISO 27001?
ISO 27001 is an international standard for demonstrating, in a structured way, how an organization handles information security. The requirements of ISO 27001 are extensive, and the certificate is only issued after certification by an independent body.
The standard contains some introductory chapters, followed by requirements that an organization must meet. The requirements cover the following topics:
- The context of the organization
- Management commitment
- Goals and policies
- Support, resources and communication
- Operational aspects
- Measuring performance
- Continuous improvement
Together, these requirements form an ISMS (Information Security Management System). This is a combination of goals, policies, rules and measures that everyone in an organization must adhere to.
Why is ISO 27001 important?
Protecting data and privacy-sensitive information is becoming more and more important. The amount of data that we all generate and store in the cloud is increasing significantly every year. The leakage of confidential information and personal data can have serious consequences.
The ISO 27001 certificate proves that our ISMS is effective and shows that information security is always on our agenda. This applies not only to the technical security of our IT systems, but also to the procedures by which our employees consciously work safely with information. Our clients can rest assured that their data is safe with Appical.
After obtaining our certification in July 2018, the journey was not over. In fact, it had only just begun. ISO 27001 also means continuous improvement. Every year the external auditor goes deeper into certain issues to see if we made any improvements.
The ISO method works according to the plan-do-check-act cycle. So you not only make plans (plan) and carry them out (do), but you also constantly monitor the results (check) and make improvements (act).
As you can read, our security and privacy practices meet the highest standards. However, it doesn't stop with the ISO 27001 certification. Want to know more? See our Security and Privacy page on the website.