Sonatype Now ISO 27001 Certified

What is ISO 27001?

ISO 27001 is a global standard for information security management. It helps make sure only the right people have the right access when they need it. The larger goal is to provide a framework that organizations can follow to manage risk and better protect their employees’ and customers’ information and reputation.

Why is ISO 27001 important?

These standards put everyone in the industry on an even footing and encourage an ongoing focus on security.

Blogs like ours try to make security sound interesting and exciting, but a lot of good security is made up of carefully considered policies and processes. After all, having good systems in place to manage small problems prevents them from becoming damaging failures. This certification demonstrates a mature security program and a commitment to comprehensive security policy, on both a large and small scale.

Who gets the certification? What’s required?

This accreditation is not the exclusive territory of technology companies like ours. Increasingly, law firms, healthcare organizations, financial institutions, and other security-aware institutions seek it out to help them compete globally.

To prove the standard is being followed, an organization must be audited by an independent, accredited third party. This certification was over a year in the works, and we sought it to protect ourselves and our customers.

Learn more about the ISO 27001 standard.


*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Michael Griffin. Read the original post at: