System management of information security PN — EN ISO / IEC 27001: 2017
Hostersi have an information security management system compliant with PN- EN ISO / IEC 27001: 2017 in the scope of: "Customer IT infrastructure management services, including design, migration, development, and maintenance". The ISO certificate confirms that the company meets the requirements for information security, implements appropriate standards and best practices, actively manages and strives for continuous improvement of internal as well as customer IT resources.
Hostersi provide services that require access to many systems containing important data and information belonging to various partners and clients. These include business specific know-how as well as confidential information or personal data. For this reason, we make every effort to ensure that this data is safe at every stage. The management system implemented by our company was designed from the ground up, following security best practices, and meets high technical requirements regarding both information security and high availability (HA) along with a Disaster Recovery plan (DR) and Business Continuity Planning (BCP). Having security built into the process makes it convenient and easy to follow. This results in a natural, easy to follow approach to information security management, and minimizes the risk of human errors.
We have implemented the ISMS to:
- methodically protect data, by default and in all contexts – beginning with initial business talks and infrastructure implementation phase, throughout the entire time daily administrative care is provisioned, and even long after the collaboration ends,
- increase security of customers, partners and employees by applying safe and secure information processing systems,
- assure customers and partners, that security is paramount to all our operations,
- apply and follow security rules,
- train and raise employee and co-worker awareness of security provisions,
- process personal data safely (GDPR),
- eliminate customer’s data privacy concerns,
- confirm the company’s credibility and trustworthiness.
We aim to implement and apply the security measures we have adopted in all systems we maintain and every task we deliver. Ultimately however it is the Customer’s decision to follow and implement suggestions and guidelines we provide, e.g:
- information security best practices,
- secure access, encryption, connections and data transfer,
- secure sharing and transfer of passwords and access privileges,
- personal data protection principles for IT systems,
- infrastructure audit (e.g. according to AWS Well Architected principles),
- other suggestions for security principles.
A copy of our certificate is provided below.