Esko has achieved certification of the international standard on information security management, ISO 27001, following a perfect 100 percent assessment of its security policies and procedures.
The accreditation - which applies to all the company’s cloud operations and services, IT infrastructure, Human Resources, physical security and legal - recognizes that Esko is fully compliant with the stringent security requirements of the International Organization for Standardization based in Geneva, Switzerland.
Joël Depernet, chief technology officer at Esko, said: ‘Information security is a topic that is of the utmost importance, and one that we have always taken as seriously as our customers do. In the process of evaluating a trustworthy solution provider, converters and brands are undertaking a detailed due diligence process to assess how a vendor deals with the security of their data. Typically, this is done during the vendor selection process by converters and brands through audit questionnaires with hundreds of detailed security questions. Achieving ISO27001 certification provides ease of mind on those hundreds of questions asked, meaning it just became a lot easier to do business with Esko.’
The ISO 27001 security standard specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of an organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of an organization.
As part of the accreditation, Depernet said the Esko team had to ensure each security document, policy and procedure met the international standards of compliance.
‘All our cloud operations are now aligned to ISO 27001. We are incredibly proud that our security assessment was passed 100 percent without any defects or points to address. The certification process was a collaborative undertaking, with support right across the business. Essential to a smooth certification process is that we have a specialist team in house, which includes people that are certified ISO 27001 Lead Auditors. This team of experts help us to continually self-assess and stay ahead of any changes to global security standards. This underlines that we understand the importance of information security to our customers and gives added reassurance that Esko is a reliable and trustworthy partner.’
Esko’s ISO 27001 certification is just a first step in independent international certification. ISO 27001 also looks at Esko facilities, access controls to buildings and offices, and how it manages the access to information.