The company’s procedures have been certified to comply with the internationally recognized standard of controls for organizations managing information security.
Milan, Italy. 14 May 2021
“Because of the widespread use of our platforms in critical areas such as finance and news media, our systems and procedures were already fairly robust from a security standpoint," said Holger Hofmann Eidosmedia COO. “But the ISO/IEC 27001:2013 certification gives us and our customers the additional assurance that we are in line with the best practices in Information Security management.”
Eidosmedia began the certification process in 2020. After nine months of intensive work on assessing, upgrading and implementing the policies and procedures required for compliance, the company was audited by the UK- based British Standards Institute, receiving final certification on April 13th 2021.
“The auditors were impressed by the quality of the measures we already had in place,” said Holger. “In fact, we realised that achieving this level of certification for a medium-sized company like ours is quite unusual and it is normally associated with organizations many times our size.”
As well as a series of active security features like multi-factor authentication and encryption key management, Eidosmedia platforms have an intrinsic resistance to attack by virtue of their unified-platform architecture and making the Eidosmedia platform suitable as a government CMS and a CMS for banks. Integrated collaboration tools within the platform avoid the need for the external email and messaging apps that represent points of high vulnerability in federated solutions, making Eidosmedia’s integrated platforms far easier to secure. Cloud deployment, now adopted by a majority of users, further hardens platform security, as well as offering multiple options for fast, efficient disaster recovery.
“Following several well-publicized hacking exploits in Europe and the US, the question of platform security is currently a hot topic for many of our users and the certification has been extremely timely in this respect,” said Julien Febvre, Eidosmedia ISMS manager. “As well as providing reassurance to our customers and partners, it may also allow them to achieve cost savings by reducing their own need for security audits.”
Julien emphasized that the certification is not the end point of the process: “After hard work in the gym, we now have a beach physique,” he said. “But staying in shape will require constant exercise in the form of regular internal audits and training to prepare for annual continuous assessment. Our next external review is due in early 2022.”