Skip navigation

Sage Hostingby Paradise Computing Ltd PARADISE Logo
 

ISO 27001:2005 Explained

The Paradise Hosting Centre has been certified to ISO27001:2005 since 2006. This standard assures our customers of data security and attention to detail around our hosting operation.

In addition to providing a world-standard service using our own equipment and not third party services, this allows Paradise to provide you with a copy of our certification which can help greatly with issues of compliance to quality systems.

Eleven areas are covered within ISO 27001.

  • Information Security Policy - Is there management direction and a written policy to provide support and direction for information security activities?
  • Organisational Security - Is there an infrastructure to manage security within the organisation? - includes management forum and processes, third party access and outsourced arrangements
  • Asset Management - Are organisational assets protected? - Includes inventory and classification
  • Human Resources Security - Are the risks of human error or fraud reduced? - Includes personnel screening and T&C's, security training and incident reporting
  • Physical and Environmental Security - Is unauthorised access to business premises controlled? - Includes physical security, secure areas, equipment security, maintenance and disposal.
  • Communications and Operations Management - Are information processing facilities operated in a correct and secure manner – Includes operating procedures and change control, system planning, protection against malicious software, backup, media handling, information exchange, and email security.
  • Access Control - Is access to business information and processes controlled on the basis of business and security requirements? - Includes user and password management, mobile users, access to applications and network services.
  • Information Systems - Is security is built into information systems? - Includes development and support processes, cryptography and data validation.
  • Incident management - Are events and weaknesses reported, and are events consistently managed?
  • Business Continuity - Are critical business processes protected from the effects of major failures or disasters?
  • Compliance - Does the firm take measures to avoid breaches of law, statutory , regulatory or contractual obligations

Paradise is audited by BSi and has been certified since 2006 to meet the ISO 27001:2005 standard.

-
Microsoft Gold Partner Microsoft Small Business Specialist Sage Business Partner ISO 2007 Certified