July 13, 2021

Paperbox is ISO 27001 Certified!

Security is essential to us at Paperbox, so we actively try to incorporate security features in all our business processes. We understand that in the sector we operate in, secure programs help increase business confidence. So, from the first sales contact to the eventual product delivery, we are conscious of providing this service feature.

But don’t just take our word for it. We have the documentation to back up our dedication to information security. The Paperbox security program is certified against the ISO/IEC 27001:2017 standard. An ISO 27001 certification attests to conformance with an internationally recognized standard that specifies the prerequisites for establishing, implementing and improving information security in an organization.

Essentially, it shows that a company has put in place a system to protect the data it collects and generates. It also means that an independent expert assessment of data protection has been done. In this article, we explain the motives behind the ISO certification and how they impact our activities and processes at Paperbox. Let’s get into it.

Why Did We Get Certified?

Naturally, robust machine learning solutions, which we provide, involve a considerable emphasis on security. In addition, a significant part of our service deals with datasets that are quite valuable. With cyber-attacks gradually increasing, security becomes all the more important. Therefore, our move to become ISO 27001 certified demonstrates that we understand the current realities and are committed to building functional and secure software solutions.


What is an ISO 27001 Certification?

ISO 27001 is a standard for Information Security Management Systems (ISMS). It is internationally recognized and regarded by data security experts as the best way of managing information security.

However, we know that the certification is not the whole story. The ultimate purpose of our ISMS is to define our approach to protecting crucial information from all sorts of risks. The certification is there to show you (partners, clients, employees) that Paperbox is trustworthy and will handle your data responsibly.

How Do We Do It?

The Plan-Do-Check-Act (PDCA) cycle essentially defines our implementation strategy for our ISMS. The cycle typically finds use in quality management systems with the overall aim of controlling and optimizing processes. We have adapted the PDCA system to our information security management system and will now explain how each step is applied to improve data security in Paperbox.

Step 1: Plan

During planning, there is a holistic appraisal of all the factors that affect the ISMS. The aim is a good understanding of, first, the objectives and, then, the requirements of the ISMS in terms of the personnel involved, the resources to be deployed, and other such inputs.

Step 2: Do

As you can easily imagine, this step involves executing the risk treatment plan that has been developed. Ideally, the plan is implemented across the different organizational areas, such as human resources, software development, asset and supplier management, and access control. Under the ISO standard, there are 114 controls to reduce the risk.

Step 3: Check

We don’t just stop at executing the risk treatment measures. We also check that the plan was effective in mitigating those risks. The checks also tell us whether the ISMS as a whole operates as expected. One way of measuring the performance of the ISMS is to monitor information security KPIs, which also indicate whether the security objectives were met. Furthermore, an internal audit is an excellent way to ascertain whether the ISMS follows the ISO 27001 standard and whether the internal procedures are carried out.

Step 4: Act

The Check phase identifies where the ISMS fails to meet the standard. Once this is done, corrective actions can be developed and implemented in the Act phase to improve the ISMS.

By this, we have circled back to the Plan phase, thereby completing the PDCA cycle. These are the steps Paperbox takes to ensure a continuous system of managing and improving its information security architecture.


If you have any questions or require more information about the certification, our Head of Security, Rob Vandenberghe, is happy to help. In case of questions or concerns, you can always send an email to dpo@skyhaus.com.

Maarten Callaert (LinkedIn)
Founder, Venture Lead @ Paperbox

