By Sam Richardson, Technical Account Manager at Backup-Technology
September 04, 2012

Backup-Technology Online Data Backup Expert Tips: Is your backup provider ISO certified?

When it comes to choosing a backup provider, businesses want some assurances that the provider can securely protect their data to ISO standards. Many providers will claim to have the protocols in place that ensure this, but often it is difficult for customers to know if what they are being told is true.

If a company says they are a secure backup provider, do you, as the customer, have any way to check this claim without getting bogged down in all the gritty details?

Yes – is the simple answer. In 2005, the ISO (International Organization for Standardization) published the ISO 27001 accreditation which was produced with the aim of giving customers a level of confidence when it came to choosing a company that would be handling their sensitive data. The ISO 27001 looks at the information security management system (ISMS) of the provider, which encompasses all areas of risk involved in the handling of data. This means that areas of the business, other than IT, are taken into account, i.e. is the setup of the provider’s data centre sufficient to securely transfer data?

Attaining the ISO 27001 is a three step process. The auditing company (for example UKAS) will perform an initial review of the ISMS already in place at the company and help with any issues in the design. The second stage involves testing the system to ensure it has been appropriately designed and can be properly implemented. The third stage is an ongoing review process for as long as the company has been certified to ensure that their ISMS is still compliant with the ISO 27001 standard. These reviews are conducted more often if the provider has recently attained the accreditation to ensure that they have been able to maintain any changes recently made to their ISMS.

This helps make choosing a backup provider more straightforward, as customers can trust that the provider meets a recognised standard rather than having to spend hours researching the subject. They can also be sure that in the case of a long-term contract the provider will continue to be tested and will therefore maintain the required standard throughout the duration.

It should be understood that holding the ISO 27001 is not a required standard in the backup or data storage industry. Any company who holds an ISO 27001 has therefore taken the time and effort to prove to its customer base (and all future customers) that it is capable and trustworthy when it comes to handling their data. For many companies, for instance legal practices and solicitors firms, who have to hold on to personal information for several years after they first come into contact with it, the assurance that their backup or storage provider can maintain a high level of security for the foreseeable future is an important factor in choosing the provider in the first place.

The ISO 27001 holds benefits for both the provider and the customer as it provides a bench mark that customers can look for in their provider, and the provider can aim to achieve the standard in order to gain a competitive edge over the market. Ultimately both parties can be happy that the ISMS is well tested and will keep sensitive data private.

About the Author: Sam Richardson is a Technical Account Manager at Backup-Technology, an Asigra powered cloud backup and disaster recovery solutions provider.

General Tags: online backup providers directory, online backup companies, SaaS, online backup, data storage, data security, online file backup, cloud computing, online data backup, compare online backups, online backup services, online backup reviews, top rated online backups, software as a service, online backup news, CEO interviews, backing up online, online file storage

Like us on Facebook

Do you like this post? Subscribe to our RSS feed ===========================


Related posts:

  1. Backup-Technology Online Backup Expert Tips: Choosing a Data Backup Provider
  2. Backup-Technology Online Data Backup Expert Tips: Key Questions to Ask your Online Backup and Disaster Recovery Provider
  3. Backup-Technology Online Data Backup Expert Tips: Does Your Cloud Backup Provider have a Replication System in Place?
  4. Backup-Technology Online Data Backup Expert Tips: Top Ten Reasons to Leave your Cloud Backup Service Provider – Part I and II
  5. Backup-Technology Online Data Backup Expert Tips: Online Backup – Does your Chosen Provider Offer the Support you need?
  6. Backup-Technology Online Data Backup Expert Tips: Handling Confidential Data Whilst Teleworking
  7. Backup-Technology Online Data Backup Expert Tips: “Good Backups” at the Top of Bruce Schneier’s Internet Security List
  8. Backup-Technology Online Data Backup Expert Tips: Data Security – The Perils of Transporting Unencrypted Data on a Portable Hard Drive
  9. Backup-Technology Online Data Backup Expert Tips: Uncovering and Calculating the Hidden Costs of Downtime
  10. KineticD Online Data Backup Expert Tips: Four Key Questions to Consider When Choosing a Cloud Backup Service Provider

Tags: , ,