Mimecast, an established provider of cloud-based email archiving, continuity and security for Microsoft Exchange and Office 365, has announced that it has attained the ISO/IEC 27001 security certification for the South African market.
The ISO 27001:2005 Information Security Management Systems (ISMS) Standard is an international standard that enables organisations to make an informed decision on which technology vendors they can trust with their business data.
Mimecast chose to be certified against the ISO 27001 framework in order to show on-going support for open, customer friendly security standards within the cloud computing sector. This announcement not only solidifies Mimecast’s reputation as a trusted vendor, but also arms South African partners and customers with additional confidence, assurance and transparency around its cloud security and compliance.
“Cloud computing has the potential to revolutionise the role of the IT team,” explained Mark O’Hare, Group Information Security Officer, Mimecast.
“By taking away the burden of managing a complex on-premise infrastructure, IT teams can now focus on more effective use of the organisation’s data to deliver genuine business insight. Before IT teams can realise the potential of this data, however, they need to secure it. Cloud providers can help with this process by making sure that entrusting data to the cloud isn’t a leap of faith. Standards such as ISO are vital because they help customers make an informed decision about which cloud providers they can trust with their data.”
“At Mimecast, we are pursuing a ‘Defence in Depth’ approach, and achieving the ISO standard demonstrates our commitment to implementing, documenting and improving our defensive processes,” continued O’Hare. “It is of the utmost importance to us, as a company, to provide our customers with a guarantee of our dedication to information security, and an assurance that their information is being protected to the highest possible industry standards. Achieving a standard like ISO 27001 is fundamental to this approach, demonstrating that organisations do not have to think twice before entrusting their data to Mimecast.”
According to Heino Gevers, Security Specialist at Mimecast South Africa, the ISO certification process was extremely thorough and extended well beyond data security substantiation.
“Our ISO certification is more than a to do list, it’s a culture change that organisations need to adopt and enforce on an on-going basis. At Mimecast, we meticulously evaluate not only the safety of our internal systems but also the conduct of our staff.”
“This extended to ensuring that our employees wear visible identification tags at all times and lock their computers correctly when left unattended. Data leaks often start on the ground so it was absolutely vital that we engendered a culture of security at every level of Mimecast’s business dealings,” concluded Gevers.