Wednesday, February 25, 2015

Infogain is Proud to Announce Our ISO 27001:2013 Certification

Since the early years when our company was established in Silicon Valley, Infogain has enjoyed successful and long lasting relationships with our clients and partners.  As the digital world increasingly evolves with newer technologies such as the Cloud, we knew it was the right time to invest in the security of our client’s intellectual data. This investment is robust, offering a comprehensive list of security standards.

By achieving certification, Infogain has reinforced its commitment to internationally recognized security management for its customers and stakeholders. The ISO 27001 certification demonstrates that organizations have established a framework to their business operations that helps identify, manage, and reduce risks related to information security.

The ISO Certification standard requires Infogain to:
  • Design and implement information security controls and other forms of risk management to address company and architecture security risks
  • Monitor and review information security risks, taking into consideration the potential impact of threats and vulnerabilities
  • Maintain and improve the risk management process on an continuing basis in order to ensure that the information security controls meet Infogain’s information security goals
 
Infogain was awarded the certification upon the completion of numerous detailed and extensive audits, performed by TUV NORD, an industry leader in Information Security Management (ISMS) and fully accredited by The International Organization for Standardization.  Certification ensures that the best practices of Infogain’s organization will be documented, reinforced and improved continuously with time.

Infogain must maintain and manage a rigorous security program that defines management responsibilities and requires internal audits and reviews for recertification. The Information Security Management System (ISMS) required under this standard specifies how Infogain will manage security across the entire spectrum of the company’s internal processes, for example:
 
  • Access ID’s
  • Encryption
  • Firewalls
  • Human resource / Background checks, Security Trainings ,etc.
  • Asset Management
  • Communication Security (Network security Management & Information transfer)
  • Operations security (Vulnerability Management , Malware protections, Event Logging & Monitoring)
  • Password Management
  • Physical and environment security ( Visitor management , Access cards, secured areas , material movement, secure disposal and reuse  equipments like sprinklers, smoke detectors, Fire drill & Evacuation.)
  • Physical Security (Perimeter Security/CCTV monitoring/required access to certain zones)
  • Security policies & controls for mobile devices, work-from-home, laptops
  • Virus protection
  • Incident Management
  • Business Continuity Management
 
This certification reinforces our commitment to our clients and partners that Infogain has achieved the highest standards for security and privacy of their intellectual data. Operationally, the improved security measures for the Noida development centers demonstrate that security is a top priority for Infogain.

By Eddie Chandhok
Chief Information Security Officer