IXUP’s dedication to the sovereignty and security of data is baked into its own internal processes and procedures, and this is expected to be ratified before the end of the year by an ISO 27001 certification.
IXUP’s focus on providing solutions to clients for secure data collaboration cannot be separated from what the business is doing internally to ensure that we comply with the highest standards of information technology security techniques.
As a business whose sole reason for being is to ensure secure data collaboration, it’s reasonable that clients would want to know how we walk the talk in our own organisation.
At the time of writing this blog, IXUP was well advanced in the process of securing an ISO 27001 accreditation. This means that our clients will have the guarantee that we have fully implemented an information security management system, which is a suite of activities encompassing the management of information / security risks. It provides a framework for any accredited organisation to identify, analyse and address its data risks, and it ensures that security arrangements keep pace with changes to security threats, vulnerabilities and business impacts.
At the centre of the ISO process is understanding risk, which is something that is core to the IXUP business model. By documenting how we identify and quantify risk and, accordingly, how we respond with tangible actions and solutions, IXUP is formalising what we are already doing naturally.
Our management of risk extends beyond data security – we also consider human and key personnel issues, the availability of resources, and our ability to guarantee business continuity processes. This can be as simple as ensuring that we have all the necessary data backups.
Equally important, the process ensures that everyone at IXUP is completely aligned to a single source of truth about what is required, leaving no room for subjective interpretation.
Even though we are already managing all these risks appropriately, securing the ISO 27001 standard will provide our clients with an independently recognised and externally audited assurance that we run parallel processes of delivering a security-focused product as well as running a security-managed organisation.
By Mark Anderson, IXUP Customer Engagement Manager