2023 has been a year of growth, challenge and excellence for John Technical Systems. One defining factor for us is that we now have an ISO 27001 certification!
If you are thinking “I don’t actually know what ISO 27001 is?” – don’t worry, we’ve broken it down simply in this article so that human beings can understand it without the repeated technical jargon you’ll often find when asking online!
What is ISO 27001?
ISO 27001 is a best practice framework in the world of information security management. By meeting this standard our customers can trust us with their data and management, knowing that we have every software and process in place that’s required to keep your service safe and secure at all times.
This standard is recognised internationally and ensures your confidential information is safe as well as reducing any risks in security breaches. ISO 27001 Compliant businesses are audited each year to ensure this best practice standard is ALWAYS being met.
ISO 27001 has three key principles:
Availability – Data should be accessible whenever needed, to authorised persons.
Integrity – Only people who are authorised would be able to amend any data.
Confidentiality – Authorised persons are the only ones with the right to access data.
How did you achieve this level?
Whilst ISO 27001 is the best practice framework and standard, it is not an accreditation in itself. In order to achieve this we needed to work with an accredited certification body – in our case Citation.* They helped us reach this standard and in turn have awarded us with their ISO certification.
We now have developed and implemented an Information Security and Management System that meets this standard in its entirety. This has earnt us the accreditation!
*Citation link – https://www.citation.co.uk/iso/iso-27001/
Do I need this for my business?
This will vary business to business, industry to industry. The most common industries in which companies apply for ISO 27001 are technology, finance, healthcare and government.
It is ideal for businesses in which a client may seek proof of your security processes and systems, meeting an internationally recognised standard. This said, it is not a mandatory requirement for UK businesses and requires some research to determine if it is the right next step for you and your company.
It can be a lengthy process to become certified, but it’s worth it if it benefits your company.
We are proud to say that we are certified and can give our customers that additional reassurance that their data is completely safeguarded with us.
Summary
Now that we have this ISO certification from Citation we can be completely confident that we have done, and continue to do everything in our power as an IT based business, to protect our customers data as well as our own.
Our aim is to keep this standard permanently and continue to provide the five star, ‘above and beyond’ type of service that our customers have appreciated for almost twenty years. If Johnson Technical and JTSecurity are managing your IT and Security, you will have nothing to worry about – this means that you can focus on what you do best, your business.
