When we ended 2018, we looked at some of our major accomplishments for the year. One of the things we promised for early 2019 was to finish the ISO/IEC 27001 certification for our Information Security Management Systems (ISMS). We take information security very seriously at Extreme, and we’re proud to announce that we’ve just received our ISO/IEC 27001 certification.
There are very few ISO/IEC 27001 certified vendors in the enterprise WLAN industry, and Extreme is proud to be one of them.
We’ve developed and implemented a company-wide information security management system that complies with the requirements of the ISO/IEC 27001 certification standard. It’s one of our main goals to provide solutions to our customers that meet all of their information security requirements. By adopting the ISO/IEC 27001 certification, we will be following a worldwide standard for security. This certification will communicate to our customers that security is a core trait of life at Extreme.
Our compliance will be regularly monitored through internal and external audits to ensure continuous improvement and to maintain security integrity for our customers.
ISO/IEC 27001, an information security management system standard published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards, and the International Electrotechnical Commission (IEC). Extreme’s certification was issued by A-lign, an independent and accredited certification body based in the United States on successful completion of a formal audit process.
ISO/IEC 27001 defines a process for establishing, implementing, maintaining and continually improving Information Security Management Systems in an organization. It also defines security controls covering personnel, physical security, logical security, security systems and business continuity. Accredited auditors perform an assessment of the organization’s ISMS to confirm compliance with the ISO/IEC 27001 requirements before a certificate can be issued.
Below is additional information about the differences between ISO/IEC 27001 certified companies and non-certified companies. When considering future network upgrades, ISO/IEC 27001 certification is something that should be required on your RFP, and be sure to ask for a copy of it.