From the very beginning, Swoop has put information security and privacy at the heart of our award-winning technology – so we’re thrilled to have been awarded ISO 27001.
What does this mean for Swoop’s customers?
Simply put, we want your data to be as safe as possible. According to the Government, the annual global cost of cybercrime in the UK is expected to exceed £27bn in 2021, rendering the safety of sensitive customer and company information a critical business topic. We firmly believe this is an essential part of the value we provide our customers.
As a Swoop customer you have an assurance that we are operating in a professional manner that highly values security and is compliant with an internationally recognised standard, which has been audited by an accredited third party. This certification also provides clarity to you when evaluating the quality, breadth, and strength of our security practices.
What is ISO 27001?
ISO 27001 is a comprehensive security management standard that specifies a set of best practices and controls. It is an internationally recognised standard, and certification means that, as an organisation, Swoop has:
- examined its information security risks
- designed a set of security controls to mitigate these risks
- adopted a management process that reviews these controls on an ongoing basis
- conducted an internal audit of the above to test for conformity
- had an audit conducted by an ISO-accredited external party to test for conformity
It’s important to understand that ISO 27001 isn’t just a ‘one-off’ audit, but an ongoing process of continuous improvement, review, and engagement with security standards and processes. The certification is valid for three years but does require annual audits carried out by a third party to test for continued conformity.
Simply put, ISO 27001 will now help Swoop manage the security of services, data, intellectual property and any other information entrusted to Swoop by a third party.
What has changed at Swoop as a result of this?
As far as your customer experience is concerned, nothing will change, as we have always considered security critical to our business. However, you should enjoy peace of mind that this has now been formally approved. You may be interested to know we have a specialised team dedicated to security who follow the highest standards in both our infrastructure and continuous management. We now formally work to defined policies, processes and systems to manage all our organisational data.
Within the team, Swoop has a Data Protection Officer (DPO) and a Site Reliability Engineer (SRE). This dedicated SRE function is where technical security is implemented. In addition, Swoop will soon be appointing a Chief Information Security Officer (CISO) to work alongside the DPO, SRE and Chief Technology Officer roles already in place.
Chief Technology Officer George Htin-Kyaw said, “Security of data is right at the top of my personal agenda, and Swoop will continue to invest, improve and develop in order that we not only remain compliant, but continue to enhance security standards beyond what is required. We aim to be globally recognised and celebrated for leading the way in information security and privacy in our field”.
Is there any more information on the ISO 27001 Standard?
For further details, we recommend you check out the International Standard Organisation’s (ISO) website. They provide plenty of information on what is covered by ISO 27001.
For more information on ISO or how Swoop can securely help with your funding and cost-cutting options, visit our website or give us a call on 0203 514 3044.