Tom Horsman – Head of Technology
Data hacks and attacks are never far from the news – Equifax is the latest company to be hit in a breach that has affected over 143 million people. In the light of the current threat landscape, it’s increasingly important for companies to showcase that they can protect their customers’ data – and in some cases, their customers’ customers’ data.
Mergers & acquisitions is an industry particularly vulnerable to data breaches due to the wealth of sensitive and confidential information that they hold. As a virtual data room (VDR) provider, Imprima places the utmost importance on practicing good data hygiene and data resilience. Our ISO27001 certification gives customers confidence. Sounds impressive, right? Let us explain what it is. It means that we have a certified information security management system (ISMS).
But that is not all. The unique thing about our ISO certification is that we’ve insisted that our good ISMS goes beyond the information held – all Imprima staff are also required to act in accordance with the systems and strategies in place, offering our clients that extra layer of security.
For Imprima, achieving the ISO27001 certification was part of a long-term strategy and was met with utmost commitment from everyone at Imprima. The initial framework took over 2 years to implement and we have been continuously improving our processes and procedures for the past 10 years. Our ISMS contains over 110 controls which govern a wide range of areas from business continuity, disaster recovery, HR and the secure handling of all information. The controls are regularly audited to ensure that our procedures are being used correctly and to check if new procedures need to be implemented. Our adherence to ISO27001 is regularly audited by an independent auditor, each time confirming our ISO certification.
Any procedural breaches are immediately reported through our incident system and anything logged is reviewed by our management team. This helps to root out human error and address the problem moving forward – for instance, a member of staff might need training to fill knowledge gaps. The errors are checked against existing policies, so that we can determine if any new strategies or systems need to be put in place moving forward.
Understanding that customers can feel nervous about the threats their confidential data is vulnerable to, we’re placing a huge emphasis on the systems and protocols to ensure that Imprima is a safe pair of hands for the data in your VDR.