Esko has achieved certification of the international standard on information security management, ISO 27001, following a perfect 100% assessment of its security policies and procedures.
The accreditation – which applies to all the company’s cloud operations and services, IT infrastructure, Human Resources, physical security and legal – recognizes that Esko is fully compliant with the stringent security requirements of the International Organization for Standardization based in Geneva, Switzerland.
Joël Depernet, chief technology officer at Esko, said, “Information security is a topic that is of the utmost importance, and one that we have always taken as seriously as our customers do,” said Joël. “In the process of evaluating a trustworthy solution provider, converters and brands are undertaking a detailed due diligence process to assess how a vendor deals with the security of their data. Typically, this is done during the vendor selection process by converters and brands through audit questionnaires with hundreds of detailed security questions. Achieving ISO27001 certification provides ease of mind on those hundreds of questions asked, meaning it just became a lot easier to do business with Esko.”
The ISO 27001 security standard specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of an organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of an organization. As part of the accreditation, Joël said the Esko team had to ensure each security document, policy and procedure met the international standards of compliance.
“All our cloud operations are now aligned to ISO 27001,” said Depernet. “We are incredibly proud that our security assessment was passed 100% without any defects or points to address. The certification process was a collaborative undertaking, with support right across the business. Essential to a smooth certification process is that we have a specialist team in-house, which includes people that are certified ISO 27001 Lead Auditors. This team of experts help us to continually self-assess and stay ahead of any changes to global security standards. This underlines that we understand the importance of information security to our customers and gives added reassurance that Esko is a reliable and trustworthy partner.
Depernet said that Esko’s ISO 27001 certification is just a first step in independent international certification. “More than relating just to our information security methods and organization, ISO 27001 also looks at our facilities, access controls to buildings and offices, and how we manage the access to information. It’s about how data is securely managed, stored, accessed and the complete supply chain management that goes along with all that.”
“The world is changing fast, and this achievement puts us right at the leading edge in terms of delivering secure products, deployment, customer service and the way we run our business,” he said.