"Information security permeates the whole organisation," said Bert ten Brinke, SIDN's Security Officer. "It's about much more than the technical things – the networks, the user log-ins and the prevention of unauthorised access. To a large extent, security is about the awareness of people at all levels of the organisation and about how that awareness translates into behaviour."
"Everyone at SIDN is concerned with information security on a daily basis. The importance of information security continues to grow, and so does our investment in it. The annual audit also requires considerable time input from a lot of our people, but it's all for a good reason," observed Roelof Meijer, SIDN's CEO. "We play a vital role on the Dutch part of the internet and - with hacks and information leaks making the news on a daily basis – it's very important that our information security is up to scratch. Getting an ISO 27001 certificate shows that we've taken every precaution to protect our information and systems against unauthorised access. SIDN is one of a very small number of registries around the world that have been certified to the latest ISO 27001 standard for several years. That's something we're proud of."
What is ISO 27001?
ISO 27001 is an international standard published by the International Organization for Standardization (ISO). It describes the management of information security within an organisation, and serves as a framework for assuring the confidentiality, integrity and availability of information. To satisfy the standard, an organisation must have a security process characterised by a continuous cycle of improvement, based on risk assessment, mitigation, monitoring and reporting.