Security & Compliancy
We have been rewarded with the ISO / IEC 27001 certification in January 2020.
It was a goal we worked hard to reach, because continuous evolution is fundamental in our daily work.
What is ISO 27001?
The ISO / IEC 27001 is the international standard that regulates and defines the requirements for the ISMS, ISO / IEC 27001 is the international standard intended to bring information security under management control, by giving specific requirements.
This Standard drives the Company to the creation ad adoption of an effective Information Security Management System (ISMS).
ISO / IEC 27001 is basically aimed at regulating and guaranteeing adequate data security controls in the Company, at every level, from logistics to physical and organizational aspects.
ISO / IEC 27001 standard drives, in a specific context, to:
- the identification of risks related to information management;
- the definition of information resource;
- everything that entails the storage and provides economic value to data;
- highlight every aspects related to data storage and related to economic value behind that data;
- the definition of organisational aspects;
- the identification of all those processes related to the governance of data-related risks.
ISO 27001 Standard therefore intervenes on planning and design, implementation, monitoring, maintenance and improvement.
What led us to the certification?
Since the beginning, at SNCE we are taking care of keeping data as much safe as possible: we are aware that a security breach in a system can lead to a significant loss for our clients, and for SNCE too.
More and more companies , in the next future, will consider this standard as a must-have requirement for establishing trusted relationships with partners.
We decided to be one of the first, in the Digital Communication Industry. ISO / IEC 27001 compliance makes us a fully reliable and safe partner for our customers.
The Standard guarantees that our Company always works with a focus on minimising risks and avoiding weaknesses that could threaten information security. Furthermore, through a structured and effective process, SNCE also guarantees deliveries in compliance with specific Country legal obligations related to the privacy protection.
What does the ISO 27001 certification mean for our clients?
Thanks to this certification we are able to demonstrate our commitment as a partner for the management of Thanks to this certification we demonstrate our partnership commitment in managing any type of data asset, as a competent and always up-to-date consultant.
In particular the added value for our customers are:
Security by default
Data is probably the most important asset and its security is our goal, starting from the project analysis up to the system operation. SNCE implements a strong Information Security Management System (SGSI) according to ISO 27001 standard, and applies the principles of Privacy by Design and Privacy by Default in all its operations - wether including or not personal data - ensuring compliance with the EU General Data Protection Regulation 679/2016 (GDPR) and the Swiss Federal Data Protection Act (LPD).
Processes optimisation, efficiency creation
We consider ISO 27001 as a work philosophy, taking us to every new delivery in a continuous improvement process. Our Clients can count on a reliable partner, always ready to search for the most up-to-date and performing solutions.
Guaranteed Business Continuity (Resilience)
A Business Continuity process is always ready: we are prepared to face any unpredictable event in a fast and efficient way. Maintaining data safety and reliability, also in extra-ordinary circumstances, is not easy. ISO 27001 helps our Company in structuring, and maintaining up-to-date, emergency processes: being able to govern un-previewed events means being always able to grant Business continuity for our Clients, plus confidentiality, integrity and availability for their data.
Awareness philosophy
We are committed in spreading the culture of information security within the company to increase employees awareness and competence: ISO 27001 has become part of everyone’s way of work.
Proactive and on-time consultancy
ISO 27001 drives us in structuring either daily or long term work. An improvement process is permanently in place, thanks to a team of experts who spread news and awareness between colleagues, organising training sessions. This allows SNCE to be a value-added partner for its Clients, always providing innovative and safe solutions.
Customised solutions
Each Client of ours is unique. Each solution we provide is tailored on our Customer’s need and context. Our way of governing projects, instead, is always the same: inspired by ISO 27001, Privacy by Design and Privacy by Default principles, we keep in mind the confidentiality, integrity and availability of data as one of the main topics.