Actian's ISO 27001 Certification: Building Information Security

Actian Achieves ISO 27001 Certification

Bryan Batty

June 1, 2023


I am pleased to share that Actian has successfully achieved International Organization for Standardization (ISO) 27001 certification in April 2023. Our certification scope includes all of Actian’s worldwide office and data center locations and covers the design, development, testing, support, and sale of all Actian products.

What is ISO 27001?

ISO 27000 is a set of internationally recognized standards that outlines best practices for building Information Security Management Systems (ISMS). The standards are designed to help organizations establish, implement, maintain, and continually improve their information security practices to protect against potential threats and vulnerabilities. One of these standards, ISO 27001, is perhaps the best-known standard in the industry for ISMS.

What is ISO 27001 Certification?

The ISO 27001 standard lists the requirements for building an Information Security Management System. The requirements cover such domains as information security policy, asset management, cryptography, physical security, incident management, and more. In total, there are 114 controls grouped into 14 domains. During the certification process, an independent auditor examines an organization’s adherence to all 114 of these controls.

Why is ISO 27001 Certification Important?

Data breaches are increasing in frequency and cost. In 2022, the average cost of a data breach reached a record high of US $4.35 million, according to the “Cost of a Data Breach Report 2022” by IBM and the Ponemon Institute. This report reveals that 83% of organizations studied have had more than one data breach. Fraudulent use of stolen or compromised credentials was the most common cause of data breaches (19% of breaches), followed by phishing (16% of breaches) and ransomware (11% of breaches).

By following ISO 27000 as a guideline for effective security, organizations can reduce the risk of data breaches and other security incidents, better protect their information assets, and improve compliance with applicable legal and regulatory requirements.

Although an organization can follow the guidance issued in the standard, Actian has chosen to go through the certification process with an independent accreditation body. This certification gives us confidence in the fact that we have built and are operating our ISMS properly, and also assures customers and business partners of our commitment to handling their information safely and securely.

You Can Trust Your Data With Actian

Whether your organization is required to comply with the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX), the Federal Information Security Management Act (FISMA), the Payment Card Industry Data Security Standard (PCI DSS), or the California Consumer Privacy Act (CCPA), the products you select to manage your data are critical to your success.

Actian’s commitment to providing the highest level of security and protection for our products and processes drove our decision to pursue ISO 27001 certification. By achieving this certification, we have demonstrated our ability to effectively manage information security risks and ensure confidentiality, integrity, and availability of systems and services.

Moving forward, we will continue to invest in our information security practices to maintain our ISO 27001 certification and to provide the highest level of security and protection. We look forward to building on this achievement and continually refining and improving Actian data security.

Learn More

Read our data sheet to learn how our Actian Data Platform delivers core security and compliance capabilities, including single sign-on, multifactor authentication, IP allow list, role-based access control, data masking, encryption, role separation, audit logs, security alarms, regional deployment control, and more.


About Bryan Batty

Bryan Batty is Senior Director of Solution Security at Actian, with over two decades of security and engineering experience. He has led key security initiatives, guiding both customers and partners in addressing pressing cybersecurity questions and compliance requirements. Before Actian, Bryan directed global product security for HCL Software. Bryan has delivered talks at security conferences like RSA and OWASP meetups. He often publishes insights on emerging threats and secure development life cycle (SDLC) best practices. Bryan’s blog posts on the Actian site focus on security leadership, encryption methods, and compliance. Explore his latest articles for practical guidance on protecting your data assets.