
Unic commits to information security: ISO 27001 certification

Since April 2018, Unic’s Private Cloud Hosting service has been certified according to the international standard ISO 27001:2013. This certification attests that Unic complies with the demanding requirements for an information security management system (ISMS), underlining our commitment to information security.

Protection of data against internal and external risks is a priority at Unic. The certification according to ISO 27001 confirms our ambition to reach another milestone and double down on information security at Unic.

Multi-stage audit procedure

The international standard ISO 27001 defines requirements to specify, implement, maintain and continuously improve a documented information security management system (ISMS). To do this, more than 160 controls are checked for applicability and implementation status. Unic was audited and certified by Swiss Safety Center AG in multiple stages.

Identifying and addressing 548 risks

We kick-started our risk management process with 548 identified risks. Each risk was classified according to likelihood and impact. Each risk above a certain threshold was addressed: either mitigated, avoided, transferred or accepted. We also trained 20 colleagues in the relevant processes.

Foundation for a secure future

For two years, our service management process has been based on ITIL. We continuously document and improve these processes – laying the groundwork for a successful certification, because continuous improvement and a risk-oriented culture are more important than a one-time heroic effort. By applying the controls set out in ISO 27001, we easily achieve compliance with the new EU General Data Protection Regulation (GDPR). Fritz von Allmen, Chief Information Security Officer at Unic, is very happy about the certification: "Our ISO 27001 certification is proof of our commitment to the highest quality standards in information security and provides the foundation to provide our customers the protection matching their requirements."


What is ISO 27001:2013?

The ISO/IEC 27000 family of standards helps organizations keep information assets secure. ISO/IEC 27001 is the best-known standard in the family, providing requirements for an information security management system (ISMS). An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.
