Beekeeper Achieves ISO Certification to Protect Hotels' Data
With the European General Data Protection Regulation (GDPR) now in effect, Beekeeper announces that it is ISO 27001 Certified in addition to being GDPR compliant.
Published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the ISO standard is protecting intellectual property, employee details, and information entrusted to Beekeeper by third parties. As a SaaS offering and recognized data processor, Beekeeper has completed all necessary technical and organizational measures to ensure that its product and services will reduce its customers’ risk significantly in the digital workplace.
The ISO 27001 is the best international practice standard for information security, and it covers people, processes and technology. By protecting information and reducing risk using this three-pronged approach, Beekeeper is defending itself from technology-based risks and other common threats, such as poorly informed staff or ineffective procedures.
- The pseudonymization and encryption of personal data;
- The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- A process for regularly testing, assessing and evaluating risk and the effectiveness of technical and organizational measures for ensuring the security of the processing.
ISO 27001 certification enables Beekeeper to:
- Reduce information security risks through data encryption. With ISO Certification, Beekeeper can identify which assets are at risk and require encryption to adequately protect them.
- Ensure ongoing confidentiality, integrity and availability of information. If the data is available but in a format that is not usable because of a system disruption, then the integrity of that data has been compromised; if the data is protected but inaccessible to those who need to use it as part of their jobs, then the availability of that data has been compromised.
- Mandate risk assessment by identifying threats and vulnerabilities that can affect its information assets. It also provides steps to assure the confidentiality, availability and integrity (CIA) of that data.
- Address the importance of business continuity management. It provides a set of controls that will protect the availability of information in case of an incident and protect critical business processes from the effects of major disasters to ensure their timely resumption.
- Undergo independent assessment and audits by an accredited certification body to ensure that it is meeting the requirements of the Standard.