An Aconex news release popped up in my Google Alerts, announcing that the Australia-based construction collaboration technology provider has achieved ISO27001 certification – the highest international standard for information security management – for its operations in Australia.
This achievement puts Aconex on a par with other vendors who have achieved ISO27001 accreditation, including early movers UK-based BIW Technologies and Cadweb (post – indeed, I recall both were arguing about ISO27001’s predecessor BS7799 in 2002), as well as firms like 4Projects, Asite and Unit4 Collaboration all of whose data is, I believe, hosted at ISO27001-compliant data-centres.
According to the release, Aconex is aiming to extend the scope of its certification to cover its other data and disaster recovery centres, including those in the USA, in 2012.
2 comments
Paul,
Although hosting in ISO 27001 or SAS 70 certified data centres is desirable and something that Aconex has done for some time now, a data centre is only managing the physical environment around the hardware. A SaaS provider achieving certification indicates that the systems and processes they use to manage their client’s information, both within that physical environment and across their business are in accordance with the standard, which is a significant difference. The level of accreditation achieved by Aconex covers such things as our development process, release and change management, and data access, availability and integrity – significantly more than most vendors can offer, regardless of what data centre they use.
David Chatterton
CTO, Aconex
Well done Aconex! Now everyone will have to get certified rather than pretending that just because their data centre happens to be certified so are they. BTW you can look up who actually is certified to ISO27001 here: http://www.iso27001certificates.com/Taxonomy/CertificateSearch.htm