ISO/IEC 27001 is an international standard that describes a framework for information security management. Compliance with the standard is a major component of supply chain security among organizations, ranging from military, government, or healthcare sectors.
GoodAccess is ISO/IEC 27001 certified, proving we adhere to the highest standards of data security, privacy, and compliance, proving we are a strong link in your vendor supply chain.
No card needed. Full onboarding support.
Why us?
What is ISO 27001 compliance
ISO 27001 provides a comprehensive framework comprising security controls and procedural documentation to safeguard your organization’s information assets by creating an information security management system (ISMS). By adhering to ISO 27001, companies ensure the confidentiality, integrity, and security of their sensitive data and prove that they do not pose a threat to their business partners’ supply chain.
Annex A of ISO 27001 delineates a structured approach to implementing security measures, grouped into four categories of controls.
Processes
Policies, rules, processes, and organizational structures designed to oversee and govern a broad scope of matters related to information security within the organization. Organizational controls form the bedrock of an effective ISMS and range from robust security policies to definition of roles and responsibilities.
people
Controls focused on enhancing human awareness, skills, and behaviors as pertains to information security. People controls encompass initiatives like comprehensive training programs, human resource management, and personal security.
Material
Controls dedicated to safeguarding tangible assets and physical infrastructure. From implementing entry controls and surveillance systems, to establishing secure protocols for asset storage and disposal, physical controls play a vital role in preventing the mishandling and damage to all information assets in physical form.
technology
Technological controls are indispensable for securing digital assets and IT infrastructure. These controls encompass a diverse range of measures, including robust authentication mechanisms, encryption protocols, real-time monitoring solutions, secure storage, and backup procedures, all aimed at hardening the digital defenses of the organization.
ISO 27001 compliance
GoodAccess provides a Zero-Trust Network Access as a Service solution (ZTNAaaS), which means it can help you check off requirements related to network security and data protection (see our ISO 27001 Compliance Guide).
Namely, GoodAccess supplies the following technological controls:
testimonials
Benefits
GoodAccess is a customer choice among cloud-based zero-trust solutions. We are GDPR, HIPAA compliant and have passed ISO 27001 and SOC 2 certification.
Filter out non-compliant devices to reduce the risk of breaches. Define your device security policy and enforce it from the central console.
Assign access on a least-privilege and per-app basis centrally and easily.
Apply a protective layer over all your users and resources, wherever they are. Enforce the same level of security throughout multi-site and multi-cloud environments.
Protect data and user identity during transit with strong, unbroken encryption.
Monitor activity on the level of systems and gateway, locate breaches and configuration issues, feed the logs to a SIEM.
Prevent unauthorized access with MFA before allowing access to internal systems.
Configure your secure GoodAccess secure environment in high-availability to ensure continuous protection.
We are open about our limits. GoodAccess is an essential part of your security ecosystem that complements other security solutions.
Enforce your security policy centrally and ensure no user accesses critical resources without satisfactory authorization.
Schedule a call with the GoodAccess success manager to get all the details about our product features.