There’s always a trade-off with software services and business apps — convenience versus data privacy. Sharing sensitive customer, product, and pricing information with a third-party platform can deliver huge efficiency gains, but it also introduces potential data security risks.
The question every business should ask is simple: Is your app provider taking data security seriously and doing everything possible to protect your information?
The security of your data should be non-negotiable
Subscribing to a software service, or an app, enables businesses to benefit from innovative and time-saving features without a big upfront investment in infrastructure or a long-term commitment. In return, business apps require very intimate access to sensitive company data, like customer information, product price lists and employees’ personal details, in order to provide an effective service. The more access an app has to core business information, the more value the app is able to deliver.
It’s therefore crucial that your app provider takes data security seriously to minimise the risk of a data breach. If the right infrastructure, systems and processes aren’t in place, your data could fall into the wrong hands, which could result in litigation by your customers and stiff penalties, as seen this week with British Airways’ data breach and resulting fine of £183 million.
How do you know your Software as a Service provider takes data security seriously?
Ask them if they have an ISO 27001 certification. Any reputable app provider should have an information security programme in place that proactively ensures that data under their control is properly protected.
What is an ISO 27001 certification?
An ISO 27001 certification confirms that the highest internationally recognised security standards, agreed upon and set by members from 164 countries and 783 technical committees and subcommittees, are met. The International Organization for Standardization (ISO) is an independent, international organisation based in Geneva, Switzerland, that develops the global standards for security and safety, among others. Independent certification service providers conduct audits and grant the appropriate certifications.
Why is an ISO 27001 certification important to you and why does anyone care?
ISO 27001 certification shows that your data security is taken seriously. It also proves that your service provider meets the global standard for protecting sensitive information.
In practice, ISO 27001 certification means an independent audit has been carried out by a certified provider. The audit reviews the data security risks a company faces. It also checks that the right controls and measures are in place to reduce these risks to an acceptable level.
The assessment goes beyond basic data storage. It examines how employees handle data and the physical security of the premises where daily business operations take place.
After successfully completing the ISO 27001 assessment, companies receive a trusted, independent compliance report and certification. This validates their commitment to information security best practices.
Skynamo recently received an ISO 27001:2013 certification.
Skynamo recently achieved ISO 27001:2013 certification, joining a relatively small number of tech providers worldwide to have done so: only 69 companies in South Africa and only 7,748 tech companies worldwide.
So, what does this mean for Skynamo customers? It means their sensitive business data is in the safest possible hands and is rigorously protected from falling into the wrong ones.
It confirms that Skynamo has the system, policies and procedures in place to achieve and support our three main security objectives:
- Securing customer information,
- Securing product information, and
- Securing company information.
In particular, it ensures the following:
- We use customer data only to deliver the service we commit to provide.
- We adhere to customers’ unique requirements for data handling.
- We do not share customer data with unauthorised third parties.
- Customer data is accessible only to a very restricted team of individuals at Skynamo. These individuals have received training on how to handle your data appropriately.
- We store customer data separately, keeping it distinct from other customers’ information.
- We properly protect backups of customer data.
- We delete data that’s no longer relevant.
As businesses move more data to the cloud, they rely on app providers like Skynamo for storage and management. It’s essential to choose providers that follow international data protection standards. They should also maintain the highest levels of cybersecurity and information security best practices.
Are your app providers meeting international standards in keeping your data secure? Do they have an ISO 27001 certification?
