Data Foundry has been awarded an ISO 27001:2013 certification for conforming with the International Organization for Standardization's standards for Information Security Management Systems (ISMS). Data Foundry sought an ISO certification in addition to already having met standards for SSAE 16 and PCI compliance due to requests from international customers that provide information services overseas. While compliance with PCI and SSAE standards is widely recognized in the U.S., ISO 27001 standards are the most internationally accepted for information security.
International companies with data center footprints in Data Foundry's facilities can now assure their clients and auditors overseas that these security requirements are met.
"Completing the ISO 27001 certification process is another confirmation of our commitment to strict information security procedures. Unlike many in the industry, we do not outsource our security team, and we are proud of our security staff for their dedication to the continuous improvement of these procedures," says president and CFO, Shane Menking.
Because Data Foundry is a colocation provider, the company does not access or manage data that may reside in or pass through its customers' infrastructure. However, Data Foundry does store company data and Personally Identifiable Information (PII) for security purposes. Because the data centers are highly secure, all visitors must be registered with security before they are allowed to enter the facility, and customers and staff are required to enter using badges and biometric access controls. An ISO 27001:2013 certification provides customers with assurance that their company information and PII is safe with Data Foundry's security team.
In order to meet ISO standards for ISMS, companies must meet requirements in data asset management, communications and operations management, access control and information security incident management. ISO 27001 compliance is an ongoing process that will result in the continuous improvement of Data Foundry's ISMS.