Becoming ISO/IEC certified isn't easy, but CloudFactory got it done. Achieving this certification reinforces the confidence our clients already have in our information security practices.
What is the ISO 27001: 2013 Certification?
It's an International Standard for Information Security Management System (ISMS) that specifies the requirements for establishing, implementing, maintaining, and continually improving information security.
It's an extremely rigorous standard that isn't granted unless 114 unique controls are in place throughout an organization.
Because CloudFactory has the ISO 27001:2013 certificate, you can be assured that:
- Our ISMS is tested and audited in accordance with internationally accepted standards for good information security practices.
- We implement a robust risk management process to regularly identify and manage our data security risks.
- We are able to support clients that require a high level of security capabilities and industry-standard certification.
CloudFactory’s commitment to information security
At CloudFactory, "We Respect Data" is one of our central principles. This principle directly aligns with the purpose of the ISMS— to preserve the confidentiality, integrity, and availability of information by applying a risk management process.
Our holistic approach to security includes not only technical requirements but also workforce policies and individual integrity. We do this through:
- People: We believe that data security starts with the individual. Individual integrity and confidentiality are central to a strong information security approach and are even more critical when a workforce is handling sensitive data. Only 15% of applicants make it through our robust screening and selection process - ensuring that we have only the best and most invested candidates working on client projects and handling client data.
- Process: First, we hire good people, then we implement policies and processes to keep them focused and accountable. Strong data security policies and processes help to ensure that client data is safe and secure in any situation. Even when using a remote workforce, there are many effective ways to establish a data security-aware workforce.
- Technology: Technology always plays a significant role in security. As remote work becomes more common, innovative solutions can help replace the security features typically present through in-person monitoring. CloudFactory continues to explore and adopt new technology that can bring greater security and transparency to the work we do for our clients.
Our base offering already meets rigorous standards like ISO 27001 and SOC 2, but we have additional levels of security to meet the different needs of our clients. Learn more about our security practices and capabilities here.