Business Continuity Plan – COVID 19

In light of the risk posed by the COVID-19 virus GoPro/Hugvit wish to inform all our customer that the company has in place a Business Continuity Plan as part of our ISO 27001:2013. We have reviewed this plan and are taken the following COVID-19 specific measures:

Employees showing signs of symptoms related to COVID-19 or has been in close physical contact with someone showing symptoms, will be required to work from home for 14 days, in accordance with government policies.

As a part of the further actions taken are:

  • We are ensuring that key employees have access to appropriate, secure equipment at home and have the necessary access and tools to fulfil their duties remotely from home.
  • A substitute has been appointed for all key employees within the organization.
  • We have placed extra hand-sanitizers stations around our offices as well as increase office cleaning.
  • We will prioritize the use of on-line meetings and on-line service in our operation.
  • We are implementing new travel rules, stopping travel to high-risk areas and introducing a mandatory 4 days stay at home for employees returning from travel.

GoPro has an operation in several countries and will transfer workload between offices as needed at any time to ensure service level and availability.

If our business will be significantly affected by COVID-19, we will update this information as needed on our website www.gopro.net and www.hugvit.is

GoPro’s operations are ISO 27001 certified for information security

Information security is one of the cornerstones of software development at GoPro. The importance of security in information technology has grown in recent years, and GoPro has set an ambitious goal to support and meet these increasing demands.

A milestone was reached when the information security management system (ISMS) for GoPro Case Management Software Solutions was certifiedby the British Standard Institutions (BSI) in Iceland. BSI audited the system according to the ISO 27001: 2013 standard of information security last year. This certification recently passed another inspection, confirming the successful adoption of the certified processes, which cover product development, consulting, services and hosting.

“Information and data loss is one of the biggest threats that companies and organizations need to deal with today, so it’s important for companies to protect information about the companies themselves and customer relations. The information security management system that complies with the requirements of ISO 27001: 2013 is a managed method of managing confidential information that concerns the company so that it stays safe. It helps companies identify current and potential vulnerabilities in information security and enables the company to take action before damage occurs. ”
– BSI

Regular review is an essential part of maintaining the validity of such certifications. Handbooks and quality documents are of little use if they are not maintained and applied. GoPro set a goal of embracing information security as an integral part of the company culture, so that security is a seamless part of daily work. That approach required extensive preparation and the involvement of every department, with proven success.

“This certification in the field of ISO 27001 information security is important to us. We worked hard to document and review all our information security activities, in compliance with this international standard,”  states Helga Ingjaldsdóttir, CFO and Board member Hugvits.

“Information Security is one of today’s greatest IT challenges. GoPro’s ISO 27001 certification is a mark of our commitment to be at the forefront of development and service of reliable and secure solutions. It is a landmark in ensuring the security of our customers’ data both in software development, hosting and service, as well as our business operations. For companies that sell solutions worldwide, it’s an essential part of building trust in the company.”

The ISO 27001: 2013 standard was implemented in accordance with GoPro’s internal security policy, which pertains to development, services, consulting, hosting, project management and operation of information systems, and works to secure the confidentiality, integrity, availability and security of important information.

What is ISO 27001?

The ISO 27001 standard deals with information security, specifies requirements for implementation, maintenance and continuous improvement of information systems and their management in accordance with best practices.

The standard also includes requirements for evaluation and management of security features tailored to the nature of the companies.

 

GoPro has been Cyber Essentials certified

Cyber Essetials

We are happy to announce that GoPro has achived Cyber Essentials certification.

The Cyber Essentials Scheme has been developed by UK government and industry in order to provide a sound foundation of cyber hygiene measures, in order to significantly reduce an organisation’s vulnerability and mitigate the risks from internet-based threats.

The Cyber Essential Sheme covers the core requirements for firewalls and Internet gateways, security configuration, user access controls, malware and patch management. Systems that fall within the scope of the Cyber Essentials Scheme include devices such as PCs, laptops and mobile devices, as well as email, Web and application services and Internet-based services.

By successfully certifying against the Cyber Essentials Scheme, GoPro has demonstrated that we have implemented measures to lower the risk of serious data and financial loss, as well as demonstrate to our customers we have taken steps to be fundamentally cyber safe.

Further information here.