The ISO Blog

Industry news and latest posts by Aeromark.

Friday, 09 June 2017 11:15

What is ISO 27001 and how does it benefit our customers?

As business information is the most vital part of any company, most businesses have some form of data security policy in place. While this policy and the security controls may be introduced with the best intentions, the effectiveness of the policy can be difficult to maintain and organise. For example, most IT security policies may overlook vital information assets such as paperwork. The ISO 27001 standard was introduced to ensure that all aspects of data security are protected.

ISO 27001 was developed to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system".

The specification includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive action. The standard requires cooperation among all sections of an organisation which is required to apply controls appropriately in line with their specific risks.

So why have Aeromark chosen to be ISO 27001 certified?

“Aeromark believe in a proactive approach to securing information security and integrity for our customers. Most service management software providers are only able to offer data centres which are covered by the ISO27001 standard which as a result doesn’t cover the largest part of the risk. At Aeromark our entire business scope is covered by these standards, from our hiring policies to how our team develop our software and of course our datacentres. In becoming accredited for both ISO 27001 and ISO 22301 we show Aeromark’s commitment to adhering to the international best practices of data protection and to meet the increasing expectations of our customers” - Roger Marks, Managing Director.

Key benefits to our customers

By becoming ISO 207001 certified Aeromark ensures that it complies with all laws, regulations and contractual requirements related to information security.
Every security incident, large or small, costs money. Aeromark’s ISO 27001 certification massively reduces the risk of a security incident by identifying business risks.
Better organization with clearly defined processes and procedures enabling Aeromark to offer an even higher level of service to our customers.
The ability for Aeromark to offer services to businesses in highly regulated sectors.
It demonstrates Aeromark’s clear commitment to Information Security Management (ISMS) for our customers.
It provides a framework to ensure the fulfilment of commercial, contractual and legal responsibilities.
Implementing and maintaining an information security management system certified to the internationally recognised data security standard, ISO 27001, is the most effective way of reducing the risk of suffering a data breach.
Reassurance that Aeromark safeguard valuable data and intellectual property to the highest standards.

Published in The ISO Blog

Introduction to ISO 27001

“The ISO/IEC 27000 family of standards helps organizations keep information assets secure. Using this family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties.”

International Organization for Standardization

The decision to become accredited to ISO 27001 presents many different challenges to a business. The biggest challenge is the requirement to understand that previous company processes will need to change. Businesses are naturally apprehensive about change, especially in successful firms, however at Aeromark the decision to implement ISO 27001 throughout the entire scope and the change that it would bring was met with positivity.

“Despite having seen reluctance by other software providers to fully manage and minimise risk, we at Aeromark were excited at the idea of becoming certified to the ISO 27001 standards. We wanted our customers to feel assured that their data is protected to internationally accredited standards” said Roger Marks, MD Aeromark.

Service companies have access to sensitive data for millions of people, and a data breach makes them all potential victims of identity theft. It is important that this data is protected from risk. The map prepared by Norse below shows real time attacks happening across the world.

The realisation that many other service management software providers only had accredited data centres while the rest of their business was left lacking encouraged Aeromark to set out to ensure that every aspect of the business was conforming and certified to ISO 27001 standards.

We are producing a series of blogs showing the steps and the dedicated journey taken towards ISO 27001.