As it takes on increasingly complex projects and provides more remote managed and hosted services, the IT provider aims to offer its customers extra assurance of its excellence in data disposal, encryption, protection and security. ISO 27001’s rigorous processes and regular, thorough audits ensure that Softcat can achieve this goal.
Only the most data-secure companies are awarded ISO 27001 – the international best practice standard for information security measures is difficult to attain. The twice-yearly audits are thorough, covering every part of an organisation from recruitment to physical security of buildings. Over the course of a year, the certification body NQA reviewed Softcat’s physical infrastructure and security measures, including CCTV and access control, as well as its policies on data protection and encryption. It interviewed Softcat employees and tested them on data handling processes and encryption policies.
Simon Walker, managed services director at Softcat, said, “As we offer more and more remote managed services, we need to prove to our customers that we will keep their data secure. That’s exactly what ISO 27001 achieves. It shows that we are subjecting ourselves to continuous, stringent third-party testing. In doing so, we ensure that our processes and security are the best they can be.”
Martin Hellawell, Softcat’s managing director, said “The ISO 27001 standard encourages our employees to strive to continually improve data security. Implementing set processes around the way that we manage data shows our customers that we are a safe pair of hands. We have also implemented new technologies that increase our security further still.”
He added, “We wouldn’t have achieved the certification without the full support and commitment of our employees. They all got behind this initiative and really pushed themselves to meet the high standards required.”