ISO 27001, the most stringent certification for information security controls, processes and operational information security procedures, guarantees that strict information security controls and risk treatment measures are in place to prevent and defend against any potential data system weaknesses or vulnerabilities. The certification also ensures that these information security controls continue to meet security needs of LDeX clients on an on-going, regularly assessed basis.
Rob Garbutt, LDeX CEO, commented “Businesses outsourcing their data centre operations, applications and critical data are looking for increased assurances over the high volumes of data they are placing within our facilities. We’re proud to have achieved this certification, as it demonstrates our level of commitment to implementing the tightest of security controls, and the responsibility and commitment we place on the confidentiality and security of our clients’ electronic data.
“We strive to achieve excellence in all of our operations and the ISO27001 certification demonstrates our commitment to delivering to our clients the levels of service and assurances they should expect from a top quality London data centre provider.”
LDeX has also achieved the ISO50001 certification a recently introduced international standard that requires organisations to establish and maintain the required processes and systems to enable the continual improvement of energy performance and claims to be one of few colocation facilities in the UK to have been awarded this accreditation. The company is also certified to ISO9001 for quality management systems and processes.
The thorough ISO27001 assessment verifies LDeX’s compliance with ISMS policies and procedures, and its full adaptation and adherence to ISO27001 practices across the organisation.
The ISO 27001 standard required that management adhere to required standards within the following:
1. Security policy - management direction
2. Organisation of information security - governance of information security
3. Asset management - inventory and classification of information assets
4. Human resources security - security aspects for employees joining, moving and leaving an organisation
5. Physical and environmental security - protection of the computer facilities
6. Communications and operations management - management of technical security controls in systems and networks
7. Access control - restriction of access rights to networks, systems, applications, functions and data
8. Information systems acquisition, development and maintenance - building security into applications
9. Information security incident management - anticipating and responding appropriately to information security breaches
10. Business continuity management - protecting, maintaining and recovering business-critical processes and systems
11. Compliance - ensuring conformance with information security policies, standards, laws and regulations