During February, we have been busy renewing our ISO 27001 certification. We are pleased to say that we have received our accreditation yet again, which is no surprise. We were found to be compliant in every area examined – with the bonus of no suggested areas for improvement.
In short, ISO 27001, for which we are accredited by the British Assessment Bureau, is a specification for an Information Security Management System (ISMS). It sets out specific requirements that the company must adhere to in order to remain compliant.
Under this accreditation, our strategic and operational objectives for EasyPQQ are:
- Availability for use from any location with an internet connection 24 hours a day, seven days a week, except for pre-communicated outage periods for the purpose of planned maintenance and upgrades.
- A system designed and maintained in such a way that no single point of failure exists within the overall system architecture.
- Risk mitigation plans are regularly tested during simulations and fire drills that form a part of our overall business continuity plan.
- Computers delivering the application have enough processing power and are configured in a way that ensures that they work quickly and efficiently.
- Sufficient hard storage space to maintain our promise of unlimited storage space for all clients.
- Regular penetration testing to ensure that we are secure against third-party attacks.
- Database backup using a mirrored array, meaning that a single component failure neither interrupts the service nor loses data.
- Applications are backed up daily to a further hosting facility as further insurance against component or hardware failure.
Gaining this accreditation allows us to provide excellent service to our customers. The security of clients’ documents is one of our top priorities, and being ISO 27001 accredited proves this.
You can find more info about the certification on: