We are delighted to announce that we have achieved ISO 27001 certification!
For those wondering about ISO 27001, it's an internationally recognized standard that outlines the requirements for implementing, maintaining, and continually enhancing an Information Security Management System (ISMS)
Information and cyber security have always been extremely important for us as platform provider. At the same time, we felt we needed to improve the structure and processes to ensure we continue to get better, identify and mitigate risks and raise awareness throughout our growing organization. Also, more customers wanted assurance and required certification of our standards.�
Our journey began about ten months ago. We appointed our Chief Information Security Officer (CISO), established policies, and formulated strategies to strengthen and document our information security processes. We then implemented over 50 measures to fortify our ISMS and raise information security at mogenius. We utilized the ISMS Smartkit by Byght GmbH, which really helped us jumpstart the entire process.
The audit, conducted after a rigorous ten-month effort, was a resounding confirmation that our implementation met all the criteria for ISO 27001, validating the effort invested. We now have much greater control over ensuring information security across every aspect of our platform development.
It demanded concerted effort, but looking back, we feel it was well worth it, for several reasons:
1. Substantial enhancement of information security across our development process, platform, and all infrastructure resources.
2. A lot of invaluable lessons learned.
3. The ability to proudly affirm our compliance with ISO 27001 standards.
As a young company, we thought about what the best timing was for the ISO 27001. While some controls may seem oversized or not entirely aligned with our existing setup, the majority of the measures make absolute sense, regardless of the size of the organization. The later you start, the more complex it will most likely be.
punq allows DevOps teams to manage multiple Kubernetes clusters with shared access, a YAML editor, terminal access to pods, RBAC, and more.