Commitment to our customer’s information security has always been a high priority at VoIP Innovations. As a result, we have always been looking toward security compliance like CPNI, PCI, GDPR, CCPA; now we have a new set of letters to add, ISO-27001.
The VoIP Innovations team is proud to announce we have been awarded ISO 27001:2013 certification!
What is ISO 27001?
ISO/IEC 27001:2013 is a widely recognized standard for information security, run by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The purpose of ISO 27001 is to outline best practices and standards surrounding an Information Security Management System (ISMS) to ensure confidentiality, integrity, and availability (CIA) of customer data. The certification process has strengthened existing security practices that we have been doing and created new methods to protect all the customer data. We are excited to continue to improve and show our commitment to our customers. After a (long) formal audit done by PECB MS, the certificate was issued by an independent certification body.
We implemented the management system during the last two quarters of 2020 and performed a complete internal audit on our organization. Following our internal audit, we invited an external auditor to start the two-stage auditing process.
In the third week of Feb 2021, we had a successful external audit that PECB-MS performed. This same company also completed the second part of the audit in mid-April 2021. After the April audit, they informed us that we are fully ISO 27001 certified, with a certificate issued on April 21, 2021.
What does this mean for you as a customer?
This certification means that we take the security of your information seriously and have implemented proper security measures to safeguard it. We want our customers to have complete trust in our technology and services.
The ISO 27001 certificate is proof that we manage all risks related to information security using our robust Information Security Management System( ISMS) and protect our information assets by implementing and following well-defined processes and procedures.
Our Security Manager at VoIP Innovations, Bhawna Gaba, had a lot to say to me about the certification:
“Receiving the ISO 27001 certification is a momentous accomplishment for VoIP Innovations. The rigorous audit undertaken for certification substantiates that we have proper technical controls and formalized IT security policies and procedures to protect customer data and that our teams are diligent and well trained in complying with the best practices of the ISO 27001 Standards.
This demanding process has not only strengthened our infrastructure and benefited our internal systems but also further streamlined our day-to-day processes and procedures. We are now well prepared for emergencies, natural disasters, and any event that could impact our business.”
The scope of the certification itself includes all the people, processes, and facilities that handle customer information and include things ranging from physical location security, personnel accessing customer information, and disk encryption.
Our mission to security does not end here. Information security is an ongoing process, and we will keep working hard to maintain and exceed our standards to protect both company and customer data. An external auditor will perform yearly audits to attest to our continuous compliance as we continue developing and growing our business.
From a Product Management standpoint, knowing that our customer data is protected and understanding the different processes and procedures implemented to ensure confidentiality, integrity, and access to that customer data is very exciting. I am excited for us to continue to improve the things that our customers can see and interact with and make sure that they don’t need to worry about their data.
Reach out to your CSM to request a copy of the certificate or learn more by chatting with us.