Climate-neutral data center EvoSwitch obtains ISO Certification
ZERODOWNTIME Magazine - Posted on: 28-11-2007
EvoSwitch, the Dutch carrier-neutral data center that operates climate-neutrally, has been certified by Professor Dr. Ronald Paans from Noordbeek IT Audit in accordance with the ISO 27001 standard. The certification process took two months to complete.
Professor Paans: commented: "Only about 4000 ISO 27001 certificates have been issued worldwide." For customers, this means that their information is secured within EvoSwitch in accordance with the most stringent standards, and that the company complies with relevant legislation and regulations, such as the Personal Data Protection Act of the Netherlands.
“ISO 27001 is the standard when it comes to the reliability and safety of IT processes in a data center,” says Professor Paans. “You know for certain that the integrity, confidentiality and availability of data have been ensured. I had already audited various data center organisations together with Professor Dries Neisingh, one of the main advocates of IT certification in the Netherlands, who has since retired. However, never before had I seen an organisation such as this one apply for ISO 27001 certification. EvoSwitch is growing rapidly and this is impressive to witness, but up until now I had only issued the ISO 27001 certificate to really large international groups with a few thousand employees. Some 50 certificates for ISO 27001 certification have been issued in the Netherlands, so EvoSwitch is leading the way in this respect.”
“What we saw within EvoSwitch looked most professional,” says Paans. “By examining documentation, observing and conducting interviews, we established that everything tallies within EvoSwitch, in terms of documentation as well as compliance with procedures. The setup of their IT processes conforms to the market standard for data centers as far as security is concerned. Diesel generators have to be started once a month, for example. Logbook entries allow you to verify whether this is actually done. There also has to be an appropriate division of duties, and adequate supervision via specific inspections performed by a security officer and at the request of management. To name just a few points.”
Paans found it interesting to observe that the ISO review did not place any additional burden on the EvoSwitch organisation. “An ISO review can be a difficult process for organisations,” explains Paans. “Your procedures have to be correct. Hard questions can be posed. We noticed that our questions were not considered burdensome. It was evident that EvoSwitch had already defined its own goals for attaining the highest level of quality. The company actually only wanted to demonstrate to its customers that it delivers quality.”
ISO is a continuous process ISO 27001 also includes the Code for Information Security. This is one of the most stringent standards for information security, a standard that the Dutch Central Bank (DNB) also imposes upon financial institutions such as banks and insurance companies. EvoSwitch will be audited every year to ensure it complies with all of the points in the strict standard. This implies that EvoSwitch will have to continuously monitor that the undertaken measures are complied with.
Want to know more?
Are you interested in the services and solutions of EvoSwitch?Please contact us. Email us or call at +31 (0)20 3165170
