Spherity Achieves ISO 27001 Information Security Standard Certification
Spherity, a company building digital identity management solutions, has achieved ISO/IEC 27001:2013 certification
Issued by TÜV Rheinland, the certification confirms that the company’s data security systems, including the secure development process, meet the industry’s best practices at the highest level.
ISO/IEC 27001 is the most widely used information security standard prepared and published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards. It includes requirements on how to implement, monitor, maintain, and continually improve an Information Security Management System (ISMS) within the context of the organization and its business needs. Conformity with this internationally recognized standard lies at the core of Spherity, since we consider information management essential to all of Spherity’s business operations. These best practices ensure we will continue to protect the interests of our customers, investors and employees, providing the highest level of security assurance.
Information security is the practice of ensuring the Confidentiality, Integrity and Availability of information and data according to the “CIA principle,” and thereby defending information and data from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. Additionally, this principle maintains business operations and protects business continuity while minimizing risks.
“To guarantee business continuity and protect data, we have built up an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. For us as a company that deals directly with one of the most valuable assets that civilization has — identity — it was the logical pathway to give information security an appropriate degree of importance. Furthermore, we see it as our duty to our customers and employees to enter into this self-imposed obligation and to guarantee the highest possible level of information security — also as an investment in the deep mutual trust and ongoing cooperation with our clients.”
– says Dr. Michael Rüther, COO/CFO, Spherity.
The certification was validated following an assessment done by the independent certification body, TÜV Rheinland. It covered the organization’s IT systems, cloud services, applications and all related assets, as well as all information and data stored and transacted. The scope also included the company’s office, located in Dortmund, Germany.
“Digitization is one of the trends of our time, bringing with it both significant opportunities and major risks: for example, new types of attack vectors are being created or the complexity of systems is increasing, which increases the risk of failure. Certification means that customers can expect systematic and continuous management of information security risks and business continuity. It is noteworthy that Spherity, as a start-up company, has committed itself to follow the internationally recognized standard for information security management.”
– says Klaus Schneider, Managing Director of IMS-SCHNEIDER and Lead Auditor for TÜV Rheinland Cert GmbH.
The certification is publicly available in the TÜV Rheinland Certificate Directory and also on the Spherity website. The organization’s ISO/IEC 27001 certification represents an important step forward on our journey to prove that we are committed to the highest standards of security and service.
Spherity is building decentralized digital identity management solutions to power the fourth industrial revolution, bringing secure identities to machines, algorithms, and other non-human entities. Spherity’s decentralized cloud identity wallet empowers cyber security, efficiency and data interoperability among digital value chains. The customer focus is primarily on highly-regulated technical sectors like pharmaceuticals, mobility and logistics.