Reach ISO Implemented ISO 27001 – ISMS for Singapore-based Research and Analytics Firm
About the Client – Research & Analytics Firm
The client is a reputed business house specialized in business intelligence and advanced analytics. With extensive understanding of various industry verticals, business models, and new technological innovations, the client is a leading provider of advanced data analytics, cloud computing, and data visualization. Catering to a global customer group dealing with cloud, client-server and mobile platforms, the client helps businesses on implementing appropriate big data tools and solutions. Being a research firm, the client organization is also contributor to machine learning, artificial intelligence, robotics, and adaptive analytics, etc.
Project Challenge – Securing Sensitive Business Data from Loss or Misuse
The challenge before our client was the safety of sensitive organizational data. As the client organization started growing, it on-boarded more number of employees and without proper proxy server in place, the existing data storage infrastructure seem vulnerable to loss or misuse of sensitive business information. Because all the data was stored on a local server with minimal security measures and without any periodic backup schedules, the security leaders soon realized that it could be a easy target for data theft.
So, the client wanted to implement a security system that would secure their entire system bound with appropriate authentication, authorization, and accountability conditions. The client also insisted on handing over the task to an experienced ISO certification consultancy that can implement the suitable security solution in line with the operational model as well as the data gathering and storage architecture of their organization.
ISO 27001 Security Management System Implementation by Reach ISO
After the initial discussion with the Reach ISO team, the client’s leadership team was satisfied with the team’s approach and signed the project contract.
• The Reach ISO consultants had a detailed discussion with the client on the requirement and drafted all the vulnerable areas.
• The Reach ISO team also identified all contributing factors and planned a detailed outline to implement a security management system based on the guidelines of ISO 27001 to secure the client’s organizational system.
• The team set up and implemented a highly effective IT security policy that included everything from data encryption to data backup.
• To further strengthen the overall security management system, the Reach ISO consultants introduced a customized risk mitigation plan that included proactive action items for every possible threat to the system.
• Reach ISO team also ensured that the security management system incorporates security updates and change management along with disaster preparedness and recovery procedures.
• With a detailed process documentation, the team suggested to secure the data by moving to an encrypted cloud-based server having three-levels of backup.
Key Takeaways from This Project
On implementing the Information Security Management system (ISMS), our client saved a significant amount of money on server room maintenance as the entire data storage system moved to the cloud. Also, with this move, the client was able to manage the IT assets better and the maintenance cost of IT assets came down drastically. Apart from all this, the client was also benefitted with new customers asking secured data management requirements and could even participate in numerous BFSI tenders. Reach ISO secured another satisfied customer to its list of clientele.