NEP expands ISO 27001 data security certification for clients
Not a week passes without another big information or data breach making the headlines. This is why the protection of data is of the highest priority at media technology business NEP.
The company’s previously obtained ISO 27001 certification has not only been extended for three years, but it has also been expanded to include the areas of Centralised Production and Virtualised Editing.
Sander de Vries, who in his function as chief information security officer is responsible for the security policy at NEP The Netherlands, underscores the importance of this certification milestone: “You must be able to show the outside world that you know what you’re doing in the field of security. Our clients want to have maximum certainty that their data is protected, and this international standard provides us with a standardised framework that is used and accepted as best practice all over the world.
“The ISO certification applies to Digital Media Services (DMS), Playout, OTT and VOD deliveries, Managed Hosting, and we were able to add two new components: Centralised Production and Virtualised Editing. In short, everything we manage in our data center is now officially certified. I consider this step not only a precondition but also a ‘hygiene factor’ in order to continue to grow as an organisation.”
de Vries is familiar with the mantra in the world of security: either you’ve been hacked or you’re not aware of it yet. “Everything that is made by people can, in principle, be hacked by people. In other words, something can always go wrong, but the crux of the matter is how to deal with that knowledge and how the security processes are organized. At NEP we have a very strong 24/7 incident response department that mainly works to prevent security breaches from happening in the first place. We want to be at the top of the class.
“And where we previously had to educate our clients about the risks and everything we did to safeguard their service or product, they now seem very aware of data security and take these things into consideration more often, asking us critical questions. That awareness has really become a trend and the ISO 27001 certificate certainly helps us assure our clients that we are following the top standards. It has even become a knock-out criterion in tender procedures.”