Tarlogic renews ISO 27001 certification

Kiwa delivers to the cybersecurity company the ISO 27001 certification that ensures the confidentiality, integrity and availability of information

Tarlogic Security has just renewed its ISO 27001 Information Security, Cybersecurity and Privacy Protection certification, thus consolidating the highest cybersecurity standards in its daily operations.

Thus, the cybersecurity company now has ISO 27001 certification in accordance with the 2022 version of this standard.

The company’s CIO, Manuel Santamaría, received the ISO 27001 certification from the certifying company Kiwa at the company’s headquarters in Santiago de Compostela.

The renewal of the ISO 27001 certification results from a complex and thorough analysis process.

During this process, Kiwa verified that Tarlogic‘s information security management system (ISMS) continues to comply with the reference standard and, therefore, with the best international security practices.

In this way, Tarlogic promotes best security practices in its work dynamics.

The cybersecurity services company has, in addition to ISO 27001 certification, ISO 9001 for Quality Management Systems and ISO 14001 for Environmental Management Systems.

The new ISO 27001 certification controls

To renew the ISO 27001 certification, Tarlogic has undergone the evaluation of 93 controls that make up this standard in its 2022 version, which are divided into four categories: organizational controls, physical controls, technological controls, and people. Among this list of controls, we must highlight the 11 new controls incorporated in this version:

• Threat Intelligence.
• Information security for the use of cloud services.
• Business continuity.
• Physical security monitoring.
• Configuration management.
• Data deletion.
• Data masking.
• Data leakage prevention.
• Monitoring activities.
• Web filtering.
• Secure encryption.

Unequivocal commitment

In the opinion of Manuel Santamaria, CIO of Tarlogic, the renewal of this certification unequivocally endorses the company’s commitment to the most advanced standards within the sector.

He details, “The ISO 27001 certification of cybersecurity consulting services provided by Tarlogic and BlackArrow is in addition to the quality and environmental certifications.”

“All of this,” he continues, “endorses our commitment to the security of our own information and that of our customers.

In this context, Tarlogic’s management believes that renewing the ISO 27001 certification strengthens the company’s market position. It is evidence that Tarlogic is aligned with industries and companies that demand state-of-the-art information use and protection.

ISO 27001 certification is an international information security standard, but after its update in 2022, it has also become a cybersecurity standard and validates privacy protection, which is critical today.

In addition, it is a tool that guarantees the confidentiality, integrity and availability of any organization’s data and the systems and applications that process it.

In short, Tarlogic once again proves that it behaves with the same rigour and professionalism in its internal operations as in the companies in which it deploys its cybersecurity services.

ISO 27001 certification describes how an Information Security Management System is planned, implemented, verified and controlled.

A global approach

It is a global approach for the company that ensures the confidentiality of data: only authorized persons will be able to access it.

Also, it is available: authorized personnel will handle this information when needed.

All this is obtained from an exhaustive risk analysis.

This is a process that focuses on all the professionals involved, as well as the methods and ICT systems engaged in this activity.

The possibility of having these certifications in the information age will be a differential element to distinguish operators within the sector.

The volume of data handled by companies has increased exponentially in recent years and will increase even more in the next decade.

In this context, demonstrating responsible use of data will become imperative for the cybersecurity sector.

Moreover, the consolidation of phenomena such as teleworking and mobility has raised the challenges faced by companies in this area.