We have obtained ISO 27001!
After a lot of time, energy and paperwork, we finally obtained the ISO 27001 certification this month!
Thus, we are very happy. But what's ISO 27001 actually, how do you obtain it and why would you want to obtain it as a startup?
The ISO 27001 certification is a worlwide acknowledged norm for carefully managing information security. This means an organisation takes action in order to optimally protect the information and reduce security risks. In order to obtain the ISO 27001 certification, you are continuously working together to evaluate, adjust or possibly redo required protocolls and contemporary activities within your company. This way, incidents are prevented more easily and detected quicker, if something still happened.
Is this actually necessary for a young, starting company? Yes it is. We'll explain why.
1 - Protecting your data
Alright, if everything goes to plan this is done by everyone, which would make it a little redundant, but it's not that self-evident to us. Our customers trust us with their personal data, qualifications and learning analytics. These are all privacy-sensitive data. Beside that, we are continuously busy with new developments on our platform.Because of this combination, we want to make sure this information is always safe.
When you work according to the ISO norm, you make sure that the processes are designed so that the present information is optimally secured in order to reduce the risk on a security issue. When there is a security risk, clear guide lines are present on how the organisation must act. This means that not only our information is optimally protected, but also the information of our stakeholders. This optimal protection creates extra security for stakeholders in times of the General Data Protection Regulation (GDPR). Now we can proudly say; at Hubper your data is secured optimally.
2 - Have your business in order
In order to obtain the ISO, you develop an extensive policy on how you guarantee the safety of data in your organisation. Because of this development you can design and register critical processes in a better way - you wil put your affairs in order.
Our core business is developing tech. In order to do this the best way possible, we always focussed on apply efficient and good processes. During our process of obtaining the ISO we still applied some strengthenings and made sure all processes were well arranged within Hubper.
3 - Trust for our customers
With whom would you rather work together? An organisation which proves that their information security is well arranged or an organisation who can't do this? Yes, indeed, the former.
Apart from the fact that we are more certain of our well arranged business thanks to the ISO, we are aware that this also radiates trust towards the customer.
In short, very nice news 🎉🎉! It's a nice confirmation of the fact that our information security and our processes are well organised. Of course we won't stop here, we will continuously be critical on our developments, which date we use and for what. We will always communicate this to our customers and users, as we already did, so everyone knows precisely how we deal with data!