Red Mosquito - Blog

Red Mosquito - RedMosquito and ISO 27001 | information security

Written by Mairi Wilson | Sep 23, 2019 11:09:29 AM

RedMosquito achieved the IEC/ISO 27001 Information Security standard in 2018.  This month we are proud to have passed our first annual external audit for the standard. Achieving this globally recognised information security standard last year was a milestone for the company.  Against the backdrop of the introduction of GDPR and perpetually evolving cyber security threats, we worked hard to put a robust Information Security Management System in place to achieve certification.  As a provider of IT Support and IT Security services to SMEs in Glasgow, Edinburgh and throughout the UK,  we believe it is vital we can demonstrate we operate first class information security policies.

ISO 27001 is based on a risk assessment model.  The company works to identify information security risks and puts controls in place to mitigate them as far as possible.  The standard requires a commitment to ongoing improvement and a programme of internal and external audits.  Working towards this certification is a big commitment for any company.  If you would like to explore whether this certification is a good fit for your business, our Technical Consultants can help you assess which information security or cyber security standards works best for you.  In addition to the ISO 27001, there are some additional certifications you may consider exploring:

New ISO – privacy information management

The introduction of GDPR required controllers and processors of personal data to implement “appropriate technical and organisational measures to secure data”.  The ISO/IEC bodies have reacted to this by introducing a new standard within the ISO 27000 information security suite of standards – ISO/IEC 27701 on privacy information management.   Although not aligning to any specific data protection regime it instead aims to help organisations conform to several privacy regimes.  This international standard could be a useful way of demonstrating to customers and other stakeholder that their data is safe.

Cyber Essentials 

For businesses who cannot take on the commitment an ISO demands then the Cyber Essentials scheme can be a useful certification.   Our articles here give a good overview this scheme.  RedMosquito have this certification in place and are SBRC ACE Practitioners.     This means they have been externally verified as being able to support customers towards their Cyber Essentials certification.

If you would like to have a chat about any of these standards and whether they are a fit for your business, then contact our team today.

RedMosquito provides IT Support and IT Security Services to SMEs in Glasgow, Edinburgh and throughout Scotland.