VoiceSage Achieves ISO 27001:2013 Certification

VoiceSage Achieves ISO 27001:2013: The Highest Standard of Information Security

On 26th of March 2018, VoiceSage received confirmation that the company had achieved ISO 27001:2013 certification [PDF] from Certification Europe, a world-leading certification body. ISO 27001 is an international information security standard awarded to companies who meet the highest standards of risk management in relating to information security.

Information security threats have become more prevalent for individuals and customer organisations alike. Protecting our customers and our own company against potential threats has always been a priority for VoiceSage. Implementing ISO 27001 and using it as a baseline to further increase our security will ensure that this information continues to be protected.

The internationally recognized standard allows customers to have confidence in the service provider that they are sharing their information with. It demonstrates that VoiceSage have the understanding and have taken the necessary precautions to prevent a breach, with a plan in place in the event of one happening. ISO 27001 emphasises that the information we hold has been safeguarded to the highest level and that VoiceSage are committed to continuously improving our ISMS (Information Security Management System). By implementing ISO 27001, VoiceSage are protecting our own data and the data of our customers.

From benchmark to baseline

Prior to obtaining ISO 27001, VoiceSage always prided on being proactive in the protection of company and customer data, attaining and keeping PCI-DSS level 1 attestation since 2013. Because of this and a large number of Information System (IS) processes already in place, VoiceSage obtained the ISO 27001 accreditation in little under a year. Following the decision in October of 2016 to begin the ISO 27001 certification project, VoiceSage obtained the certification 23rd Feb 2018 well before the target introduction of GDPR.

By cultivating a culture of security practices amongst employees, VoiceSage had many of the required controls already in place to obtain the certification. ISO 27001 set VoiceSage a benchmark to work towards, which is now being used as a baseline to work from on the journey to becoming fully GDPR compliant. ISO 27001 shows that VoiceSage is well on the way to be able to “implement appropriate technical and organisational measures” to become compliant with the requirements of Article 28(1) of the GDPR.

A secure, reliable environment

Glenn Sweeney, VoiceSage’s Chief Information Officer, spoke about the importance of information security and obtaining the certification. “Protecting customer data is of utmost importance to VoiceSage. Having just passed my third year in VoiceSage, I would most definitely say the commitment, hard work and intense dedication of everybody in the last 12 months is now showing. Achieving certification demonstrates we have taken the time and effort to prove our expertise and experience meets a recognised international level and we should all take time to recognise what we have done.”

“As any company that has implemented this standard will agree, the biggest challenge in achieving certification is getting sufficient resources and having security continuously recognised as a priority so that a proper system of controls can be maintained. I’m fortunate to work with extremely security conscious development and support engineers who appreciate the importance of security and certification, which are cornerstones to our success.”

The ISO 27001 certification demonstrates VoiceSage’s ability to identify, manage and reduce the information security risks to protect its information assets.