As market leader of the environmental survey sector HiDef captures and stores significant volumes of commercially sensitive date, with an archive of over 3000 Terabytes of video imagery the business took the bold step of registering for the relatively new ISO27001 standard, which is normally the domain of large security organisations, defence contractors, insurance companies and telecoms giants.
Over the last eight months, HiDef has been working hard to add the new standard to its existing accreditations. ISO 27001 is recognised as being the toughest standard to obtain, in part because it encompasses the requirement of so many other ISO standards. Months of hard work finally paid off last week, when the company gained the accreditation with flying colours.
ISO 27001 is an internationally recognised standard for an information security management system (ISMS). Data breaches are constantly making the headlines and have the potential to cause significant reputational harm and expense to both an organisation and its clients and so implementing a management system standard such as ISO 27001 is an important step in ensuring that access to data is appropriately authorised and protected. ISO 27001 covers all formats of information, whether printed or written on paper, stored electronically, transmitted by post or email, shown on films or spoken in conversation. Whatever form the information takes, or means by which it is stored, ISO 27001 provides a structured framework for reducing or eliminating the possibility of an information security breach.
HiDef’s Operations Director, Elaine Southward, was very pleased to confirm the award:
“I’m delighted that HiDef has achieved this challenging accreditation, as it demonstrates once again our commitment to ensuring best practise and maintaining our position as the sector leader.
ISO 27001 is an easy thing to commit to, but incredibly difficult to obtain. In todays’ commercial environment It is no longer enough to guarantee information security management by just adopting a data management standard – absolute data integrity now demands companies must have a standard that is regularly audited by a third party to ensure that it remains robust and fit for purpose.
I’m proud of our team, the process was rigorous and challenging. We wanted to be the first organisation within the sector to be awarded the standard, we had no idea that less than 500 companies have been accredited and we are among the smallest.”