Data Management

Introduction

At ENGINE we have processing our customers’ data at the top of our priorities. We have structured our services on a data infrastructure that today supports the most sensitive applications.

Two elements are at the core of our infrastructure:

  • Secure, completely independent and ring-fenced hosting of all of ENGINE’s databases using cloud-based technology from top tier suppliers.
  • Certification of all of ENGINE’s data management procedures following the most stringent standards available today.

Microsoft Azure cloud

Microsoft Azure is an ever-expanding set of cloud services that help organisations meet the challenges businesses face.

Microsoft Azure cloud services are audited once a year for ISO/IEC 27001 compliance by a third-party accredited certification body, providing independent validation that security controls are in place. The Microsoft achievement of ISO/IEC 27001 demonstrates that Microsoft uses internationally recognised processes and best practices to manage the infrastructure and organisation that support and deliver its services.

The annual ISO/IEC 27001 certification process for the Microsoft Cloud Infrastructure and Operations group includes an audit for operational resiliency.

Further reading:
https://azure.microsoft.com/en-gb/

ISO 27001

Certification ISO/IEC 27001

ISO/IEC 27001 is an Information Security Management System (ISMS) published by the International Organization for Standardization and International Electro technical Commission.

An ISMS is a systematic approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.

ENGINE chooses to implement and certify ISO/IEC 27001 in order to benefit from the best practice the standard contains, but importantly to reassure its customers and clients that it processes and stores their data securely.

ENGINE’s systems and processes were designed and implemented with ISO/IEC 27001 compliance in mind. This means the ENGINE system is already secure, this is the reason why we commenced the certification process that will be completed shortly.

Further reading:
https://www.iso.org/isoiec-27001-information-security.html

Benefits of Certification

The certification means that our customers get peace of mind in knowing that not only is our internal data managed to an ISO/IEC 27001 standard, but theirs is too. 

Enhance information security metrics and reporting to justify ongoing and increasing investment in effective controls.