In order to help our clients deliver advanced personalization to their customers with Smart Content™, we process vast amounts of data, information, and algorithms every day. While we’ve always held ourselves accountable to the highest standards of data and info security, we have now aligned with an internationally recognized standard to sustain our clients’ trust. Over the past twelve months, ERGO has made a major investment in our data and info security infrastructure, processes, and controls.
We are proud to announce that we were just certified with a hard-earned ISO 27001 certification.
ISO 27001 is the international standard that provides a framework for Information Security Management Systems (ISMS) to ensure confidentiality, integrity, and availability and legal compliance of client information. This level of care is critical to protect data against any security threats, including data breaches, cyber crime, viral attacks, vandalism, misuse, and theft of data and information.
These safeguards are especially important now because of the General Data Protection Regulation (GDPR) in Europe, and a groundswell of similar consumer data protection regulations being passed across the U.S.—all designed to set guidelines for the collection and processing of information from individuals.
“Even though we don’t need—or accept—personally-identifiable information (PII), our technology works at a customer level, and we want our clients to know how dead-serious we are about safeguarding their reputation,“ said John Hendricks, CEO & Founder of ERGO. “We believe that achieving accredited ISO 27001 certification demonstrates our commitment to following the best practices of information security and hopefully helps our clients sleep a little better at night.”
While we’ve made many system upgrades, at the root of everything was a series of audits by industry experts to evaluate our safeguards.
“It kind of felt like the company was getting a year-long root canal,” recalled ERGO Enterprise Process Manager Kevin Kane, who played a key role in facilitating the certification process. “The ISO audit team continually went into every detail of hardware, software, data storage, and data transmission, at every level, from every angle.”
Kane described that while ERGO was already implementing many best practices for data security, one would be surprised at how many companies aren’t. According to the ISO representatives who led ERGO’s stage two audit, many companies don’t have reliable or secure forms of information management in place. Potential vulnerabilities can include incorrect or unsafe downloading and file sharing, data access on public WiFi, viruses and spyware, and even backups made to removable drives.
“We want to ensure that our enterprise clients’ legal, compliance, and information security teams are all assured that they’re working with a world-class partner that respects their very real concerns about risk,” Hendricks concludes.
If you’d like to learn more about ERGO’s ISO Certification and our reputation of compliance, contact us.