Endouble takes information security very seriously. For some time now we have controlled our information with our Information Security Management System. Now it was time to test it against the requirements of ISO 27001 certification. What exactly does this mean and what are the benefits for our customers? In this blog, we provide an explanation and, as a bonus, a few security tips you can adopt right away.
Why ISO 27001?
Let’s be frank: Endouble operates in a market where security and privacy play a major role. The moment something goes wrong with the processing of personal data, it is tomorrow’s headline in the newspaper. Nowadays anyone can create a website, but that does not mean that it fulfils all safety requirements. We have been investing for years in making and keeping the products we deliver safe. We not only have our own testers, hackers and security experts; security has become part of our DNA. This is officially confirmed by an ISO 27001 certificate.
What is ISO 27001?
ISO 27001 is the ISO standard for establishing, implementing, maintaining and continuously improving an Information Security Management System. It lays down how information has to be used for management purposes. In practice this means that Endouble carries out an information security policy under which we, as an organisation, manage information security for our customers. We do this by continuously carrying out risk assessments and implementing controls to mitigate risks.
As a result, we have policies and procedures in place for access to our buildings, software and equipment, rules of conduct for employees, management software, and incident and change management. This goes much further than, say, the safe generation and storage of passwords alone.
Our policy is to continuously measure and improve information security.
“An ISO certification is an ongoing process. We are constantly working to monitor processes and where possible to tighten them.”
– Robert Botman, Operations Manager at Endouble
Information security for our customers
Endouble always provides a website that meets the most appropriate security standards. Our servers are protected with a WAF (Web Application Firewall) to minimise frequent attacks on websites. In addition, we carry out pentests and continuously monitor our servers, so we are able to observe inappropriate or malicious behavior and react quickly, which increases the overall security of the entire system.
DIY tips to protect information
Of course, you can also take the necessary steps yourself to safeguard information. Our security specialist Gerard Arall has some tips that you can easily apply:
- Use unique and strong passwords / passphrases
- Use a digital password safe to store your passwords
- Keep your software up to date
- Don’t run / install untrusted software
- Lock your screen
- Disable Java / Flash from your browser
- Encrypt your devices
- Back up your data
- Report any suspicious email / message / activity
- Be aware of phishing / social techniques