Drone management platform FlyFreely has achieved rare air in its field, achieving an ISO 27001 certification for information security.
SAI Global certified the Brisbane-based startup after it demonstrated its ability to protect and maintain the integrity of customer data.
FlyFreely Co-founder and CTO Dr Nigel Sim said it was the culmination of 6 months of work to ensure its processes and procedures met its rigorous requirements.
“Information security has been important to us from day one. This certification is the next step for us along that path. It’s great validation that we’re doing the right things,” he said.
“We’ve always known that we take security seriously, but having an independent third-party come in and confirm that shows that we do what we say we do.”
The ISO 27001 certification is recognised worldwide as the gold standard for protecting customer data.
Dr Sim said the FlyFreely team had been enhancing the safety of its systems and processes for some time, so when it came to getting verified, it was a case of providing evidence for how it had been done.
“As we’ve seen recently, it’s critical businesses do everything they can to protect customer data,” he said.
“One of the first questions large organisations ask is whether we have this certification, and now we can say we do.”
Dr Sim said he believed it was important for businesses to be open and transparent about the mechanisms it had in place.
“None of us can completely eliminate the risk of cyber security breaches, but we can do everything we can to prevent them, and have a plan in place to respond.” he said.
“If it does happen, it’s about informing those impacted,containing the breach, and understanding how to prevent it from happening again.
“You do that by having the right processes in place to start with.”
The ISO 27001 certification recognises organisations that have implemented best practices for information security management.
The standard is based on a risk management approach and provides a framework businesses can use to identify, assess and manage risks to their information and information systems.