Loadbalancer proud to announce ISO 27001:2022 compliance with NQA certification
Loadbalancer celebrates a new milestone with an accredited ISO 27001:2022 certification from the NQA, cementing our position as an Application Delivery market-leader.
But after more than 20 years in the industry, why now? And what does ISO 27001:2022 actually mean in practice?
Why now?
Let's get real. As a company that's always taken data security extremely seriously, some of you may be wondering why we hadn't done it before. Well, here are three very honest reasons...
1. An increasing focus on cybersecurity credentials
As geopolitical and cybersecurity landscapes have shifted, our customers have had to adapt to an increasingly complex threat landscape. Naturally, Loadbalancer has continued to evolve alongside them, supplying products that are continuously updated and improved to address potential vulnerabilities and reflect security best practice.
However, as customer procurement systems are becoming more rigorous, and our customers are focusing more and more on cybersecurity credentials, ISO accreditation is becoming increasingly important. As such, we'd reached a tipping point where we felt that going through the lengthy certification process was an increasingly worthwhile exercise.
2. Data security extends beyond the realms of IT teams
Furthermore, in recent times, mindsets have dramatically shifted, with the C-suite recognizing that data security is a responsibility that extends beyond technical departments. While IT teams have always understood the importance of data security, IT governance and safeguarding are now front and center of all senior managers' minds.
This is a model reflected in our own organization, with Operations now becoming its own Loadbalancer department, incorporating Compliance and IT management teams who work cross-functionally to make sure data classification rules and access restrictions are met — without negatively impacting our customers. For example, we spent a long time thinking about how we could meet the requirements of ISO 27001:2022 without compromising our fantastic levels of support. We believed solving the customer's problem as quickly as possible still had to be at the forefront of what we were trying to do, with it being IT's job to then make sure that all happened securely. A process that's compliant but doesn't serve the customer is not a successful one (in our view).
Having said that, we'll be the first to admit that making such changes in a tech company in particular can be incredibly difficult! With so many technical experts, and such a high level of knowledge in some departments, every change we made was put under an intense level of scrutiny! Luckily for me, we passed, phew!
3. New cloud-based products
Finally, as some of you will already know, our business model is changing to support our growing customer needs. More than 20 years ago, Loadbalancer.org began life as an Application Delivery Controller (ADC) provider, helping customers avoid the pain of downtime. While this core purpose remains, our product range has now expanded significantly to include a ground-breaking centralized management platform called the ADC Portal, designed to help users more effectively manage the load balancer estate they already have. Not only is this new ADC Portal vendor-agnostic, it's also cloud-based, reflecting the modern demands of our increasingly cloud-based customer base.
Furthermore, with systems becoming increasingly interconnected and supply chain attacks therefore a real concern, it was important we could reassure our customers that we were doing everything possible to prevent ourselves from falling victim to these attacks, and rightfully prove to our customers our ongoing commitment to information security.
What is ISO 27001?
ISO 27001:2022 is the only auditable international standard that defines the requirements of an ISMS (Information Security Management System), formally recognizing the effectiveness and efficiency of information security practices. This is something Loadbalancer takes incredibly seriously:
"We have always conducted regular internal audits and reviews of our information security architecture and processes. External recognition of this high standard is another indication of our ability to help organizations on their IT infrastructure journey." Malcolm Turnbull, Co-Founder, Loadbalancer.org
Our products are built on a zero trust security architecture, utilizing the highest standards of encryption and authentication, with state-of-the-art cryptographic technology for smarter end-to-end enterprise security and protection.
What does ISO 27001 mean for us?
Loadbalancer is now an ISO 13485:2016, ISO 9001:2015, and ISO 27001:2022 certified company, adhering to the principles of security, availability, processing integrity, confidentiality, and privacy.
We have always held our Quality Management System (QMS) in high regard — carrying out regular security audits and penetration tests internally and with independent third parties, and are proud to say that we can now formally demonstrate this.
If you'd like to learn more about our security architecture, speak to one of our technical experts for further information.