Persei vivarium successfully passes the audit and renews its ISO 27001 certificate
by Miguel Cabañas, May, 29 2019
At Persei vivarium, we have always been committed to continuous improvement, working closely with our clients.
We are happy to announce that we have just renewed the challenging ISO 27001 certification, an international standard for information security. Persei vivarium has put in place 114 controls (for 11 domains). This standard reflects the best practices for managing IT security.
One of our main objectives for 2018 was to improve the identity management controls across the different platforms that our company uses.
The 9th domain part of the ISO 27001 standard describes the best practices related to access controls, the objective of which is to prevent unauthorized access to information systems. The procedures include all stages of the life cycle of user accesses. Different controls have to be put into place to ensure the security of the information stored in our systems at all times.
Like other companies, Persei vivarium has different information systems for data management that are used in daily work, ranging from platforms for customer management (ERP, CRM) and financial applications, to our clinical data platforms that we offer for the collection and management of quality structured clinical data.
The approach described above presents a great challenge, and there are few solutions in the current market.
Among other controls (LDAP/AD, access controls, password policies, training), we have created a new process, the “Persei Password Audit process” (PPA). PPA is an open source application for checking password strength across multiple different systems.
If you want to know more about ISO 27001 certificate, click here.