Published on the 08/03/2016 | Written by Newsdesk
Unit4 A/NZ software partner beefs up cloud assurance...
Hot on the heels of recent news that it has achieved compliance with New Zealand’s Inland Revenue Department, Agilyx has secured ISO 27001 accreditation for information security. Global certifying body BSI said it achieved a ‘zero non-conformance’ score from independent auditors, an interesting way of saying it got nothing wrong.
ISO 27001 is the strictest available standard in information security management systems. The standards mandate rigour in management systems to prevent and/or reduce the impact of security incidents by enabling organisations to adopt and certify best practice in data security and systems. The audit process is a comprehensive examination of the information security risks in an organisation, highlighting threats and vulnerabilities, and assesses the efficiency and effectiveness of the existing controls and countermeasures.
Certifications like ISO 27001 are arguably a big deal for companies delivering cloud-based enterprise software as it provides assurance to drive out any niggling worries about the security of company-confidential information ‘on the internet’. While those worries might be more theoretical than practical in nature – as a growing body of cloud solutions users might attest – mere perceptions can be reality.
In a statement, Agilyx CEO John Catarinich said the company has achieved its goal in creating an ‘enduring, integrated security management system’ for its own operations and its clients. “The award of ISO 27001 standard marks a first for our company and is a practical win for our customers in terms of a sustainable business benefit.”
Catarinich added that as a cloud solutions company, Agilyx is acutely aware of the need to operate robust, secure systems. He provided some insight into the onerous accreditation process, which required some two years of planning, review and execution in security management protocols and processes.
Sales and marketing director Sean Jones noted that the accreditation is particularly relevant for the public sector. “Security is one of the largest concerns when dealing with government clients. While we started with a good security model – you don’t take on ISO 27001 unless you’re in a state of readiness – the process has delivered a more proceduralised and formalised approach to information security which delivers assurance to all our clients. It’s an investment in the future of this company,” he concluded.