Tresorit receives ISO 27001 certification

Tresorit receives ISO 27001 certification

At Tresorit, our mission is to make user-friendly cloud collaboration services highly secure and available to both professional and private users. According to your individual requirements, we help ease your mind for the tasks that really matter by protecting your data in the cloud. In line with this goal, we aimed to get ISO 27001:2013 certification to further demonstrate our commitment to information security to our customers.

All Tresorit entities’ security compliance was validated by an independent audit firm, member of the internationally trusted TÜV Rheinland Group. After a rigorous process of demonstrating an ongoing and systematic approach to managing and protecting company and customer data securely, we got certified. Being a company with security at our heart, this milestone is very important for us. Lead by our Information Security Officer, Turul Balogh, almost every team in the company – including IT, Engineering, Infrastructure, Sales, Marketing and the entire Executive staff – came together to get this job done.

What is ISO 27001?

ISO 27001 is one of the most widely recognized and internationally accepted information security standards. It’s one of the few standards that uses a top-down, risk-based approach to evaluation. It identifies requirements and specifications for a comprehensive Information Security Management System (ISMS) defining how an organization should manage and treat information more securely, including applicable security controls.

What did we have to do to get the certification?

As a first step, we had to get commitment from our top management to ensure success. We then identified internal and external issues and stakeholders to ensure all expectations are considered for the scope of the ISMS. Following this, we established risk management and had to assess and treat risks. Based on the output implement, appropriate organizational policy and/or technical controls had to be set up. Finally, we performed an internal audit and carried out a management review. Once everything was in order, we had to find an appropriate certificate body that fitted our business profile to carry out the audit.

What is the scope of our ISMS?

Our ISMS covers sales, development, maintenance and support of our end-to-end encrypted cloud services.

Why is it important for our customers?

This certification is an additional proof of our commitment to information security. It plays a crucial role in assuring our customers that we take all necessary steps to keep their data in the cloud safe, secure, and accessible.

How will this impact our customers?

The services we provide to our customers will not be impacted. This certification is a security credential for your reference.