Arctur is proud owner of the ISO 27001- Information Security Management System certificate

date: 24.06.2020

category: News

For Arctur, information is one of the most important non-tangible assets. The Information Security Policy is an integral part of our business processes, so full data protection is not only our responsibility but our ethical priority.

Taking care of information and data protection is part of Arctur's business culture

Arctur is dealing with all kinds of data in many ways: as a data collector and processor; our organization also provides data storage. The technology dictates the functioning of several systems we use and continues to drive changes in the way we live and work. The Internet of Things (IoT) and Cloud systems become more and more widespread and common, used actually by every single person, not only by companies. We have to be aware that the digital risks we all face – e.g. cyberattacks or selling personal data to third-party vendors or service providers - are only going to increase as more and more devices share data around the world. Actually, we need to prevent ourselves in the right way as we live in a World of Information. 

“Are my/our data safe? How do organizations, which have my/our data, take care of them? Do the organizations, which are dealing with my/our data, have the know-how for protecting my/our most valuable information?” “Whom can I/we trust our data to?”, are only a few questions that should be asked by each person or organization, who send their data out to the digital world.

The core business of Arctur is research and development work geared towards HPC and virtualization services, but also the implementation of websites and web applications. Arctur lives and works with Information. This is why we not only develop and constantly upgrade our IT systems, which are highly secure and tested to be bulletproof, but we also put great importance to provide our employees training on how to protect our systems and customer information day by day, 24/7.


Applying for ISO 27001 certification

Arctur gives great attention to security policies, proved objectives, security management audits, training and awareness activities. Furthermore, compliance with legal and regulatory requirements for security and privacy has become an important factor to address information security. Through the adoption of an Information Security Management System (ISMS), we were able to receive an ISO 27001 certificate. 

ISO 27001 was developed to help organizations to protect their information in a systematic and cost-effective way. It is the leading international standard focused on information security, published by the International Organization for Standardization (ISO), in partnership with the International Electrotechnical Commission (Source: Advisera, 27001 Academy). 

Arctur employees prepared comprehensive risk assessment - the procedures - where employees found out what potential problems could happen to the information, and on which levels. After all risks were identified, the definition of risk mitigation - actions on preventing such problems - was done. In the end, we specified which security controls - known as security practices - requested by ISO 27001, on technical, organizational, legal, physical and human resources level had to be implemented. At the beginning of this year, Arctur invited an accredited certification body to perform the certification audit, and we passed successfully.