Ioana Bota

How good things come to those who work hard

Sherpany made it its purpose to achieve the highest level of information security.

And aiming big paid off - the Swiss company recently got certified. Mathias Brenner, CTO, explains how we got the ISO/IEC 27001 certification, how it changes the way we work and how it impacts our customers.

1. Now that Sherpany is ISO/IEC 27001 certified, what are the changes in terms of processes within the company?

Mathias Brenner: The biggest change is to document and define our processes, which have already reached a high level of maturity.

Now our recently set up information security management system (ISMS) is the centrepiece for all our operations and processes. Sherpany’s ISMS Wiki is a system of policies, procedures and instructions. These build the basis for achieving [nbsp]our company objectives. The system is continuously monitored, maintained, improved and developed.

Screen Shot 2016-07-21 at 12.25.29.png

2. What is the outcome for Sherpany?

Mathias Brenner: The ISO 27001 certification is an international information security standard. As Sherpany is progressively expanding its presence on the market, there is a need to holistically manage Sherpany's information security. This is what the ISO 27001 standard helps us achieve.

The standard compels us to formalise our processes and outline all of our responsibilities and obligations with precision. This way our internal organisation is strengthened.

The ISO 27001 certification ensures and preserves confidentiality, integrity and availability of information. Also, it positively affects our authenticity, accountability, commitment and reliability.

For Sherpany, the ISO 27001 certification broadens our awareness for security, through, among other things, workshops and presentations. We also regularly perform social engineering attacks to test and sharpen our attentiveness to such risks and external threats.

3. What about our customers?

Mathis Brenner: Protection of data is our most important concern.

Information security refers to the protection of information from a wide range of threats. The goal here is to ensure business continuity and minimise business risk.

Data breach scandals due to industrial espionage will further multiply as digitalisation increases. This, in return, adds to the vulnerability of our customers. Hence, customer data and IT security have to be secured in an appropriate manner.

Sherpany now offers even more reliability and security. The ISO 27001 certification is a proof of that and it is attested by independent auditors.

If you want to find out more about information security management, follow Mathias Brenner. For more about us - check here.

More Board Articles