ISO 27001 Certification: Is Your MDM Platform Covered?
By Kerry Young on Feb 21, 2020
In today’s digital world, the constant stream of information has put data protection and security in the spotlight. Organizations face the crucial – yet often overwhelming – task of continuously protecting their customers’ data, as well as their own informational assets and third-party data. Thankfully, standards – like ISO/IEC 27001 – aim to provide a trusted global framework for information security. In this article, we’ll dive into why ISO 27001 is important, and how EnterWorks is helping organizations protect their data with our ISO 27001 certification.
MDM and ISO 27001
Master Data Management (MDM) companies must place high importance on providing a structured, documented, and repeatable process for managing data security. ISO 27001 is the most widely-recognized international standard outlining information security management best practices; yet, most MDM providers are not able to meet ISO 27001 due to the extensive procedures, documentation, and ongoing oversight required for certification.
EnterWorks is proud to announce that it is officially ISO 27001 certified, which places our platform among the few MDM solutions that global companies can consider for implementation.
Why is ISO 27001 Certification Important?
The International Organization of Standardization (ISO), in cooperation with the International Electrotechnical Commission (IEC), created the ISO/IEC 27000 family of standards to help organizations protect their information assets. This includes customer data, employee data, financial information, intellectual property, third party data, and other sensitive information that an organization collects, stores, transmits, or processes.
ISO 27001 is important because even with the most effective technology, data breaches can still happen. In addition to technology, businesses need a security standard that ensures they have the right methodologies and procedures in place to identify, manage, and reduce risks.
How Does an Organization Benefit from ISO 27001 Certification?
When it comes to data breaches, no company is immune to risk. That’s why businesses of all sizes, across all industries, can benefit from ISO 27001 certification in a number of ways, including:
- Improved brand reputation: Customers, clients, and third parties will trust and appreciate working with a company that has taken extensive steps to protect their data and information assets.
- Reduced risk and cost: Protection against data breaches helps a company maintain its projected budget, and avoid negative incidents that require expensive damage control.
- Smooth operations: Documented protocols and procedures help operations run in a stable, efficient manner, while also giving employees peace of mind when handling sensitive information.
- Proactive vs. reactive approach: The ability to catch issues early and make proactive improvements helps companies meet their long-term goals.
Is ISO 27001 Mandatory?
For companies in Europe, ISO 27001 is a mandatory software compliance for data security, much like the SOC1 Type 2 certification for companies in the United States (though SOC1 is a less rigorous standard to achieve).
While ISO 27001 is not required in the U.S., companies in America are increasingly following the global standard of ISO 27001. Aligning with ISO 27001 places companies within a more globally accepted and championed security standard, while also covering them in the case of future international expansion.
Furthermore, ISO 27001 is accepted as a replacement for SOC1 Type 2 certification – which also benefits international companies that want to do business in the U.S.
What Does ISO 27001 Certification Mean for EnterWorks and Its Customers?
ISO 27001 certification means that EnterWorks has both the technology and business processes to meet information security best practices. Our ISO 27001 certification gives clients the peace of mind that EnterWorks has the trusted security controls in place when handling our clients’ confidential information, as well as our own.
As companies look at extending their data protection to domains like product, location, digital asset, material, etc., they want this data to be handled by a company that can ensure the highest level of compliance for customer data and beyond. For these companies, EnterWorks Multi-domain MDM provides the scalability and security they need.
Want to learn more about MDM and Data Security? Download the EnterWorks White Paper, “MDM Security Best Practices.”
About the author
Kerry Young joined EnterWorks in 2006 when Ennovative, Inc., the multi-channel publishing software company he co-founded, was acquired by EnterWorks. He directs EnterWorks’ operations and leads EnterWorks’ professional services and consulting organization, ensuring effective customer implementations and ongoing success. Mr. Young brings more than 25 years of technology and business management experience to EnterWorks, having served as CTO for a subsidiary of the Dow Chemical Company, and earlier as VP, Information Technology for Marshall Industries, a $1.7 billion industrial electronics distributor. He previously managed information systems for a subsidiary of McDonnell Douglas Corporation. Mr. Young holds a B.S. degree in Computer Science from Cal Poly, San Luis Obispo and an M.B.A. from California State University Fullerton.
Questions or comments about this article?
Tweet @Winshuttle to continue the conversation!