Information security is one of the cornerstones of software development at GoPro. The importance of security in information technology has grown in recent years, and GoPro has set an ambitious goal to support and meet these increasing demands.
A milestone was reached when the information security management system (ISMS) for GoPro Case Management Software Solutions was certifiedby the British Standard Institutions (BSI) in Iceland. BSI audited the system according to the ISO 27001: 2013 standard of information security last year. This certification recently passed another inspection, confirming the successful adoption of the certified processes, which cover product development, consulting, services and hosting.
“Information and data loss is one of the biggest threats that companies and organizations need to deal with today, so it’s important for companies to protect information about the companies themselves and customer relations. The information security management system that complies with the requirements of ISO 27001: 2013 is a managed method of managing confidential information that concerns the company so that it stays safe. It helps companies identify current and potential vulnerabilities in information security and enables the company to take action before damage occurs. ”
Regular review is an essential part of maintaining the validity of such certifications. Handbooks and quality documents are of little use if they are not maintained and applied. GoPro set a goal of embracing information security as an integral part of the company culture, so that security is a seamless part of daily work. That approach required extensive preparation and the involvement of every department, with proven success.
“This certification in the field of ISO 27001 information security is important to us. We worked hard to document and review all our information security activities, in compliance with this international standard,” states Helga Ingjaldsdóttir, CFO and Board member Hugvits.
“Information Security is one of today’s greatest IT challenges. GoPro’s ISO 27001 certification is a mark of our commitment to be at the forefront of development and service of reliable and secure solutions. It is a landmark in ensuring the security of our customers’ data both in software development, hosting and service, as well as our business operations. For companies that sell solutions worldwide, it’s an essential part of building trust in the company.”
The ISO 27001: 2013 standard was implemented in accordance with GoPro’s internal security policy, which pertains to development, services, consulting, hosting, project management and operation of information systems, and works to secure the confidentiality, integrity, availability and security of important information.
What is ISO 27001?
The ISO 27001 standard deals with information security, specifies requirements for implementation, maintenance and continuous improvement of information systems and their management in accordance with best practices.
The standard also includes requirements for evaluation and management of security features tailored to the nature of the companies.