How secure are your files with your IT vendor?

'Information security, of course there is always a legal side to it, we talked about that in our previous blog. In this blog I like to share more about the way we handle within our organization, as an IT supplier, the security of information and files that customers entrust to us. We deal with it on a daily basis, for example by continuously checking whether applications are optimally secured. So who can access the information we have stored? And how secure is today's modern cloud really? So says managing director Sebastiaan de Ruiter.

Continuously under attack

'If you put it somewhat dramatically, you could say that we are structurally under fire from hackers and other online attacks. Our software is a SAAS product and is therefore in the cloud. That is why we are ISO/IEC 27001 certified, among other things, and comply with international standards and best practices in information security. So not only are we good at developing and managing our applications, we also have our affairs in order internally. And there's no other way, after all, we receive quite a lot of information, some of which is quite sensitive. But security goes further, also in a practical sense. For example, you cannot walk into our office unnoticed, there are no loose cables hanging out of the wall that you can simply use to access the network, and we carefully select and manage the suppliers we work with. They all have to meet a certain level. We believe that taking chain responsibility is important in this context. Making all agreements at at least the same level, working with processor agreements and only dealing with critical suppliers who are also ISO certified. Yes, I dare say that we have our process well organized from A to Z," says Sebastiaan.

Invitation to consciousness: the truth

'I invite other business owners and managers reading this blog to think critically about how information security is managed within their companies. Look, the truth is as simple as it is laborious: just like Digital Asset Management, managing and controlling information security is a continuous process that you don't just do on the side. And that is exactly what we see happening every day at many companies. For those who want to spar, feel free to contact us, we are happy to think along with you. Sometimes a few seemingly simple tips, which can be applied immediately with little time, can make the difference between surviving a hacking attack or being seriously damaged by it. And that is exactly the reassuring difference between a reliable solid party like Comrads and a vendor who will 'just store your files somewhere safe' in the cloud.