HSO, a Microsoft Solution Integrator for implementation, optimisation and 24/7 management of Microsoft Dynamics, has attained ISO 27001 certification for Global Managed Services. This means that internationally operating clients can now be assured that HSO is operating in accordance with the latest standards for data and information security.

During implementation processes or day-to-day application management, HSO frequently has access to confidential customer data. It is therefore important for customers to know that HSO is handling such information with due care.

Now that the laws and regulations regarding personal data protection have been taken up a level, due to the implementation of the European General Data Protection Regulation (GDPR), it has become even more important for companies to be able to prove compliance. This ISO certification gives customers the assurance that their data will be in safe hands with HSO.

Internal organisation, process and employee policies

Bernard Verweerd, Managed Services Director, was closely involved in the certification process: “Data and information security is a top priority for companies. This is due, in part, to the changes in laws and regulations. The new law is applicable across Europe, so it is necessary for our Global Managed Services to be ISO certified. For that reason, we decided to improve the internal organisation, process and employee policies.

Topics related to data processing, data access and possible scenarios were analysed. All the ‘what if’ questions were considered at a granular level. For instance, what happens if a laptop containing confidential customer data is stolen, or who at HSO can have authority to log in on behalf of customers, and how secure is our data in cloud applications?

The process surrounding the certification is supported by VEST business information governance.