BSI has awarded Midshire Business Systems ISO/IEC 27001:2013 certification for its ISMS Information Security Management System.
Midshire completed the second stage of ISO 27001 in February 2015, when detailed audits confirmed that it had successfully established its data security in line with ISO 27001 requirements.
Midshire started the accreditation process in November 2014, when it moved to new office and warehouse facilities in West Bromwich.
Highlights of its strategy to protect client and business data include;
- Risk assessments for all information assets;
- A Clear Desk Policy to remove confidential paperwork from desks and workstations every night;
- A Clear Screen Policy to protect data visible at workstations;
- Threat detection and monitoring software for email, networks and infrastructure; and
- Full control of hardware and data destruction including issuance of waste transfer notes and disposal certificates.
Sales Director Kevin Tunley said: “ISO 27001 means that when our customers entrust us with their data they can be assured that we are a responsible supplier. The accreditation will open doors for Midshire to tender for contracts for the larger organisations and government bodies that require this standard as a minimum requirement.”
Midshire is already ISO 9001, ISO 14001 and OHSAS 18001 certified