We are excited to announce that The Missing Link has achieved ISO27001:2013 certification! With the increasing prevalence of information hacks or breaches, we take the management of our clients and our own cyber security incredibly seriously. This certification means we follow global best practice to ensure we are managing all information security risks effectively.
We have been certified across all our office and data centre locations nationally as well as all of our consulting, solutions and managed service and SOC offerings, including:
ISO27001 is the international standard for the implementation of a formal Information Security Management System (ISMS). The certification was developed to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system."
Every modern organisation would agree that information like databases, internal systems, IP etc. is now their lifeblood, so how we store and protect this highly prized information electronically, is of very high priority to The Missing Link and our clients. Increased focus on information security management has led organisations like us to implement controls in one form or another, but the effectiveness of these controls can rely heavily on how they are implemented, monitored and controlled.
The ISO standard was introduced to provide a ‘best practice’ process on keeping this information safe. Key to the certification is the fact that we have not only introduced security controls that deal with specific IT areas, but also other non-IT information assets like paperwork and proprietary knowledge, that is typically less protected and therefore vulnerable to today’s increasingly sophisticated hackers.
The ISO27001 certification took us over 6 months to obtain and we will be audited at least every year going forward to retain the highly prized certification. However, it’s well worth the effort because the certification means that we have identified the risks, assessed the implications from those risks, as well as put in place systemised controls to limit any damage should the worst occur. More specifically we have:
Protected our information from being accessed by any unauthorised people
Ensured our information is accurate and can only be modified by authorised staff
Assessed the risks of a breach and mitigated any impact should one occur
The benefits to our clients are numerous, but the key takeout for our clients is that they can be assured we have implemented best practice information security controls. Additionally, it will allow us to work closer with current and future clients (especially our Government and Enterprise clients) who require the high level of certification as a matter of compliance. It will also reduce the need for many in-depth security questionnaires and/or audits saving time for all involved