ActivePlatform is ISO/IEC 27001 certified

August 27, 2021: ActivePlatform successfully passed an audit to get ISO/IEC 27001 certification as a company and successfully passed the annual penetration testing as a platform.

At ActivePlatform, security is vital to everything we do and plays a key role in everything from how we build and deliver our platform to how we hire and train our employees. We're committed to the security of our software and infrastructure and it is a cornerstone of account controls, audits, and the services we provide to our customers.

Digital security is a vital topic for most companies nowadays. But ActivePlatform customers are in safety. We're committed to our security philosophy and as proof, we've got ISO/IEC 27001 certification.

This certification is a significant milestone, demonstrating that ActivePlatform meets the most stringent, internationally recognized security standards.

The International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) is an independent, international standards-setting body. Through its membership of multi-national standard bodies comprised of experts in various domains of cybersecurity, it develops consensus-based, market-relevant international standards.

ISO/IEC 27001 is an international information security standard, adopted by the ISO/IEC and intended to bring information security under management control by establishing a framework for all policies, processes, and technical controls related to security. The framework covers all aspects of the business, including legal, physical, technical, and operational controls.

Following the successful completion of an audit, organizations that meet the requirements may be certified by an accredited certification body. And ActivePlatform has done it.

ISO/IEC 27001 certification requires an organization to:

• Systematically examine its information security risks, taking account of the threats, vulnerabilities, and impacts
• Design and implement a coherent and comprehensive suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address any risks deemed unacceptable
• Adopt an overarching management process to ensure information security controls continue to meet the organization's information security needs on an ongoing basis

Achieving compliance with ISO 27001 ensures ActivePlatform has a comprehensive and mature security management program in place that aligns with industry standards. This certification involved aligning our existing policies, processes, and technical controls with the requirements set out by the standard, including:

• The governance framework of policies and procedures
• Information security training and awareness programs
• Control-implementation guidance in ownership and accountability processes
• Prompt identification and mitigation of security risks
• Continuous improvement strategies of the security posture

Our ISO 27001 certification is evidence of our ongoing commitment to customer satisfaction by demonstrating the following core values:

• Security is a priority in everything we do at ActivePlatform, from product development to day-to-day operations.
• Operational excellence is our commitment in all areas, including software development, IT, and information processes.
• Exceptional results are our goal by having an organized process structure and defined strategy.
• Continual improvement is how we operate, addressing evolving security threats by identifying vulnerabilities and mitigating risks.
• Compliance with all privacy standards and requirements is an integral part of our business, including GDPR and PCI.
• A proactive approach is how we operate, creating a secure framework for an enhanced customer experience.

Not as a part of the audit, but as a part of our day-to-day security operations our platform successfully passed regular annual penetration testing procedure last month. Second-year in a row we successfully prove that our platform and customer's data on it are reliably protected from any kind of intruder.

ActivePlatform is a full-service automated cloud brokering solution for cloud service providers and internal IT hubs that makes it easier to manage and control the cloud delivery and profitability. ActivePlatform unites vendors, providers, developers, and resellers into a single ecosystem for buying, selling, and managing cloud services. With its open vendor integration framework, ActivePlatform creates a vibrant catalog of cloud services ultimately helping businesses gain access to the services they need to thrive.

ActivePlatform enables SaaS, PaaS, IaaS aggregation, delivery, and monetization, provides simplified administration through central management, and enables critical visibility into resellers and cloud services consumption and usage. The platform has implementations with distributors, cloud solution providers, and telecom operators. ActivePlatform is headquartered in Europe.