Data protection is of paramount importance to any company and its clients. At Ox Mountain, our recent BSI certification to ISO 27001 Information Security Management Systems demonstrates our commitment to the highest standards of information security management. As a technology business, we are trusted to hold client and third-party data and to ensure its security. Aeham Abushwashi (CTO) explains why and how OXMT have achieved this certification.
Internationally recognised standard
Achieving certification provides evidence of organisational maturity and increases trust through a reduction in risk. “Being certified to ISO 27001 provides a competitive advantage; it provides assurance to our clients that we have carefully considered information security and put in place the right controls to secure their information assets. To have had certification through BSI, one of the best in the business, is the icing on the cake.”
ISO 27001 is helpful for managing interactions with other organisations as it provides transparency over information security management and proves that Ox Mountain have robust processes in place. “Until now, time-consuming security questionnaires on data policies and extensive reviews with clients have been required. Having certification and auditing by an accredited third party saves everyone a lot of time and resources, whilst providing the assurance to clients and employees that their data is looked after.”
The certification also has benefits for employees. “It gives employees the confidence that we are handling their personal information properly. It also educates employees about information security management and being secure online, which has benefits for their own day-to-day digital lives.”
British Standards Institute
Willy Fabritius, Global Head Information Security and Business Continuity at BSI comments:
“It is a huge achievement for OXMT to become certified to these Management System standards as protecting data has become increasingly challenging for organizations. Certification to ISO 27001 demonstrates OXMT’s commitment and proactive approach to best practice when it comes to managing information security and building resilience for the future.”
Implementing ISO 27001
“We had a good starting point with information security. Ox Mountain has had security policies in place from day one, and our flagship product, IronMan®, has been developed with security and confidentiality in mind.”
ISO 27001 is a formal recognition that Ox Mountain takes care of data, contributing to the high quality of services offered. It also provided the opportunity for Ox Mountain to challenge and improve our existing procedures.
“To implement a standards-compliant Information Security Management System (ISMS), we formed an internal task force, undertook training with a specialist company and developed a comprehensive set of information security procedures, processes and practices.” Standards ensure that processes become systematic and thorough. This is essential as information security is about protecting assets, resources and people.
The ISO 27001 certification is supported by stringent annual reviews to ensure Ox Mountain continues to maintain a strong information security posture.