23. May 2024

edr software receives ISO/IEC 27001 certification

Data loss, hacker attacks, phishing, data misuse and more: with the introduction of the ISO/IEC 27001 standard, edr software is arming itself against security risks.

"ISO certification has given us a clear competitive advantage. We are proud to be able to demonstrably offer our customers the highest security standards, making us one of the most secure providers in the industry."
Wolfgang Schmid, Managing Director of edr software

Strong commitment to maximum information security

Anyone who chooses edr software automatically chooses the best possible protection for their data – this is proven in black and white by the ISO/IEC 27001 certificate acquired by edr software. With the associated standards for information security, we ensure that risks are recognised, adequately assessed and effectively managed.


Why did edr software seek ISO certification in accordance with ISO/IEC 27001?

Information security has always been firmly anchored in our corporate culture. ISO certification is a sign of trust for our customers and business partners: We want to emphasise our commitment to the highest standards and underpin the effectiveness of our information security management system (ISMS) – objectively and verifiably. The certification procedure should help us to proactively perfect our risk management processes, increase our resilience to cyber attacks and reliably ensure adherence to all compliance guidelines. Our employees’ heightened awareness of data security and data protection is crucial to the overall security of our company and is reflected positively in the quality, reliability and security of our products and services.

What is ISO/IEC 27001 in detail?

ISO/IEC 27001 is an internationally recognised standard that specifies requirements for the establishment, implementation, maintenance and continual improvement of a documented information security management system (ISMS). It was developed by the International Organisation for Standardisation (ISO) in collaboration with the International Electrotechnical Commission (IEC). The ongoing review of the standards is carried out at edr software by the independent certification body DQS GmbH.

Important basic principles for information protection

The so-called CIA triad is a fundamental concept of information security and identifies the three main objectives or characteristics that information or data should have: Confidentiality, Integrity and Availability.

Confidentiality: Information is only made accessible to authorised persons. Sensitive data must be protected from unauthorised access, and misuse or theft must be prevented. This is achieved through various measures such as encryption, access controls, data classification, authentication procedures, and regular maintenance, updating and patching of systems.

Integrity: This refers to the accuracy, consistency, completeness and trustworthiness of information. Data must not be changed or manipulated during storage, transmission or processing, which is ensured by measures such as logging changes, hash functions, data back-ups and digital signatures.

Availability: Authorised users must be able to access information or IT resources at all times and without interruption. Measures to ensure availability include redundant systems, regular back-ups, disaster recovery plans and a robust network infrastructure.



ISO/IEC 27001 certificate for edr software

We have successfully implemented the information security management system (ISMS) in accordance with ISO 27001 and fulfilled all associated requirements without exception. After around two years of intensive preparation and an audit lasting several days, edr software recently achieved the relevant certification. This means that we are now officially one of around 1,600 certified companies in Germany (source: Statista/DQS) that counter potential security risks and threats with appropriate technical and organisational measures. The security precautions are not set in stone, but are subject to a continuous improvement process. Through annual monitoring audits and recertification every three years, we ensure that they are continuously adapted to current circumstances.

ISO/IEC 27001 certificate – competitive advantage and trust advantage in the business world in one

Advantages for customers & partnerships

  • Information security
    We have implemented demonstrably effective security measures, so you can be confident that your data is well protected with us.
  • Trust
    The internationally recognised ISO certification enables us to demonstrate that we take our commitment to security seriously and apply best practices to strengthen our company’s resilience to threats.
  • Legal conformity
    Thanks to our certification, we can credibly assure you that we strictly and consistently comply with legal and regulatory requirements in the area of data protection and information security.
  • Improvement
    ISO/IEC 27001 requires us to continuously improve information security practices, so you can be assured that we regularly review, update and adapt our suite of measures to new threats.
  • Risk minimisation
    The information security management system (ISMS) makes a decisive contribution to identifying and eliminating security risks at an early stage before damage can even occur.
  • Business continuity
    Our ISO/IEC 27001 certification ensures that we are well prepared for potential security threats and can maintain our services even in the event of an emergency.
