Teamwork is delighted to share our latest security update: we’ve successfully completed our ISO/IEC 27001:2013 certification. Paired with our recent achievement of SOC 2 Type 1, this is another milestone in our ongoing commitment to deliver a world-class security experience to our customers.
ISO/IEC 27001:2013, explained…
As an independent, non-governmental institution, ISO is the International Organization for Standardization with the goal to increase global consistency and promote innovation. Amongst the over 21,000 existing standards that were developed since 1946, notable ones include those in information security (such as ISO 27001, which was established in 2005), environment, commerce, property, and social responsibility.
ISO/IEC 27001:2013 is the most robust international standard for information security. To achieve the certification, a company is required to prove and maintain a continuous, structured commitment to handling sensitive business, employee and customer information. The relevant controls and standards of ISO 27001 are managed through an Internal Security Management System, or “ISMS”.
Key elements of the ISMS include:
Organization, Operations and Communication: Leadership commitment to information security, IT management, ongoing security training and awareness.
Risk and Information Security: Risk management processes, access and asset management, encryption and system maintenance.
Physical, environmental, human resources: Office security, network security, business continuity planning, health and safety.
Compliance: Compliance with laws and regulations related to ISO 27001, e.g. HIPAA or GDPR.
Benefits of ISO/IEC 27001:2013 for our customers
Achieving the ISO 27001 standard shows that Teamwork protects our customers’ information from getting into the wrong hands, ensures the accuracy of customer information and maintains business resilience against potential negative impacts on our service.
Further benefits include:
Increased reliability and security of our Teamwork products
Improved customer confidence with regard to sensitive data
Alignment with our customers’ security requirements
Achieving ISO 27001 is not a 100% guarantee that information breaches will never occur. However, by having a robust information security system in place and fostering a culture of security and awareness, the risks are reduced and potential disruptions to our customers are kept to a minimum.
Our ongoing commitment to information security
We’re passionate about providing a safe and secure platform to manage your work, collaborate with your team, and get more done.
We are continuing down the ISO 27001 and SOC 2 certification path and will be working towards achieving SOC 2 Type 2 in 2021 and extending our ISO certification to further offices worldwide. To learn more about our security practices, please see: https://www.teamwork.com/security.
Any questions about our security? Reach out to us at firstname.lastname@example.org and we’ll be very happy to help.