Microblink gets ISO27001 certified

Microblink has been awarded ISO27001 certification for its approach to information security.

Norway-based DNV, an independent company that led the assessment, has certified that Microblink is compliant with the ISO 27001:2013 standard on August 4, 2021. Auditors found Microblink had put the proper policies and procedures in place to control and protect its information assets.

‘’This certification goes to show just how important security management is here at Microblink,‘’ Franjo Stipanovic, Head of Information Security, said. 

‘’We work with clients that operate in highly regulated industries, including some of the world’s biggest banking, airline and telco apps. This certification validates our commitment to keeping their data secure.’’

The scope of the certificate encompasses development, integration, support, sales and service management for computer vision technology using advanced neural networks and deep learning techniques.

What is ISO 27001 certification?

«ISO 27001 certification demonstrates that your organization has invested in the people, processes, and technology (e.g., tools and systems) to protect an organization’s data and provides an independent, expert assessment of whether your data is sufficiently protected.»

The ISO 27001 standard aims to secure people, processes and technology via three main cornerstones: confidentiality, integrity and availability (commonly referred to as the C-I-A triad).

1. Confidentiality translates to data and systems that must be protected against unauthorized access from people, processes or unauthorized applications. This involves use of technological controls like multifactor authentication, security tokens and data encryption.

2. Integrity means verifying the accuracy, trustworthiness and completeness of data. It involves use of processes that ensure data is free of errors and manipulation, such as ascertaining if only authorized personnel has access to confidential data.

3. Availability typically refers to the maintenance and monitoring of information security management systems (ISMSs). This includes removing any bottlenecks in security processes, minimizing vulnerabilities by updating software and hardware to the latest firmware, boosting business continuity by adding redundancy and minimizing data loss by adding back-ups and disaster recovery solutions.

septiembre 9, 2021