ISO 27001 is an international standard outlining best practices for an information security management system, which is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization’s information risk management processes.
To earn ISO 27001 certification, RagingWire completed an audit certified by Schellman & Company, a certification body for management systems accredited through the ANSI-ASQ National Accreditation Board (ANAB) and United Kingdom Accreditation Service (UKAS). The auditors examined RagingWire’s ISMS, which sits atop their operations and data center controls.
At each of its seven massive data centers in Northern California; Dallas, Texas; and Ashburn, Virginia, RagingWire has implemented the rigorous security controls and procedures necessary to attain data center and security industry certifications. Previous certifications include SSAE 18 SOC 1 and SOC 2 Type 2 audits, as well as attestations for applicable controls for colocation data center services under PCI DSS 3.2, HIPAA, and FISMA Moderate based on NIST Special Publication 800-53.
ISO 27001 vs. SOC 2, PCI-DSS, HIPAA
The ISO/IEC 27001:2013 standard was developed by a joint committee of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). The last version of the standard was published in 2013, with a few minor updates since then.
“What differentiates the ISO 27001 certification from SOC 2, PCI-DSS, HIPAA, or other point-in-time or historical-based certifications is the fact that ISO 27001 focuses on the organization’s ability to assess its own risks and implement controls proactively on a continuous basis,” said Douglas Barbin, Principal at Schellman & Company. “Based on our review, RagingWire has not only demonstrated the ability to meet its customers’ compliance requirements, but also to adopt a holistic framework for anticipating the next set of risks and requirements.”
To earn certification for the ISO 27001 standard, RagingWire Data Centers was audited across an extensive set of controls, policies, procedures, and guidelines, including the ability to:
- Systematically examine the threats, vulnerabilities, and impacts to their information security
- Implement a comprehensive suite of information security controls based on those risks and threats
- Adopt a process to ensure that information security controls continue to meet the organization’s information security needs on an ongoing basis
“RagingWire is committed to excellence in every facet of our operations across all of our data centers,” said Doug Adams, President and CEO of RagingWire. “Our ISO 27001 certification and our many other compliances and certifications are testament to that commitment and highly valued by our customers.”