We are very pleased to announce that Fluix received its ISO 27001 standard certification. In this post, we will explore what it means for Fluix as a company, as well as what it means for our customers.
What is ISO 27001?
The International Organization for Standardization (ISO) is an international standard-setting body composed of representatives from various national standards organizations. It is headquartered in Geneva, Switzerland, and works in 164 countries.
This ISO 27001 standard specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system.
It means that the audit for ISO 27001 certification covers both documented processes for managing sensitive information, as well as actual compliance of company activities with this documentation.
The scope of certification
From its inception, Fluix has been using certified cloud providers that are compliant to ISO 27001 (Amazon Web Services). While cloud provider compliance is important, we wanted to be sure that processes happening within Fluix are compliant to internationally recognized standards as well.
To demonstrate our dedication to meeting security standards we have implemented an information security system covering the following areas:
- Protection and processing of customer and personal data
- Technical support
- Maintenance of the Fluix SaaS platform, including backend services, mobile applications, web interface, APIs, and supporting utilities.
We went through the rigorous audit and certification process with TÜV Nord — a well-known technical service provider with worldwide activities accredited under German accreditation body DAkkS.
What are the benefits of ISO certification?
Because information security is one of the most important quality aspects of the software, certification for the system that manages information security is a testament that Fluix is a trustworthy software provider.
More specifically ISO 27001 certification means that:
- We regularly assess and mitigates the risks of the information security
- Customer data is rigorously protected
- There is a number of formally defined controls and procedures that have been verified by a third-party auditor
- We strive for operational excellence when it comes to our development processes
We understand that Fluix is integral to running important business processes all over the world, and we take that responsibility very seriously. Everyone at Fluix is deeply dedicated to protecting our customers’ data, and we’re very happy to have our ISO 27001 certification to prove it.