In December 2022, oxus.ai was awarded ISO27001 certification. This internationally recognized information security standard was achieved after months of preparation and 2 rigorous audits. This certification offers both existing and prospective customers peace of mind when it comes to their data. It also demonstrates to large companies that oxus.ai is capable of handling information at the volume needed.
ISO27001 is a globally recognized information security standard, and represents a gold standard in data protection, as Donatas Tamošauskas, co-founder and CTO at oxus.ai, explains. "ISO27001 is one of 2 international standards that prove you have a robust information security process in place - the other is SOC2, which is widely used in the US," says Donatas. "These standards basically prove to other organizations that you can be trusted with their data."
A strong examination of an organization's data practices
According to Donatas, oxus.ai's decision to apply for ISO27001 certification was a proactive one. "We weren't receiving requests from customers exactly, it was more a preemptive call on our part," he explains. "But what we did understand is that big companies were feeling a lot of pressure in terms of their data security. This is especially true for EU-based companies because of GDPR. So we understood that we have to work extra hard to be a trusted partner, and saw ISO27001 as an excellent way to provide our clients with peace of mind."
"Working extra hard" was certainly required to pass ISO's stringent certification process. "We started the application process in late 2021," says Donatas. "The first step was to conduct internal audits where we defined our processes and policies for handling information."
"Through these audits, we identified areas for improvement. We then made the necessary changes to ensure our data security was even stronger."
"The final step was to go through two rigorous external audits, which were very intense," Donatas continues. "Over 2 separate days, the auditors looked into everything related to information security at oxus.ai: how and where we store data; our processes for developing software; how we onboard staff; who has access rights; and what happens when someone leaves the team."
"We are very happy that, after such a thorough examination, our data security has received the ISO seal of approval. This would not have been possible without the hard work of the whole team, and the excellent support we received in our application from Uolektis."
While Donatas rightly hails the certification as good news for his team, it is also good news for oxus.ai's customers, present and future. "Receiving this data security certificate means new customers will be able to integrate with us faster and more seamlessly. Plus, it provides additional proof to large companies that we have the capacity to meet their data needs."
"And for our existing customers, the main benefit is that they will now be able to move faster and with less friction. They will also have additional peace of mind that their data is safe."
An ongoing focus on data security
While Donatas and his team are rightly pleased to have achieved this high standard, it is far from the end of their work when it comes to data security. "We have to recertify every year," says Donatas. "That means we have to maintain and continually monitor the processes we have put in place, and keep track of any new developments in this field. We know that in one year we will be audited again, so taking our eye off the ball is not an option."
"Along with ISO27001, there is other ongoing work on our information management that requires attention," Donatas continues. "We are compliant with GDPR and have a Data Protection Officer in place. And as we continue to expand and bring on more and larger clients, we will work even more intensively in this area. We will continue with penetration testing, and also have interesting questions about the servers we use as we develop on other continents."
Achieving ISO27001 is a major step in oxus.ai's data management journey, one that will bring concrete benefits to new and existing clients and offer greater peace of mind. And the oxus.ai team is committed to remaining on top of data security now and into the future.