ISO27001 is an internationally recognised security standard that comprehensively defines the requirements for establishing, implementing and documenting an effective information security management system. It replaces the BS7799 information security management standard, which NTT Europe Online achieved in 2004.
Neil Wheelwright, Information Security Manager at NTT Europe Online, is responsible for the ISO27001 programme and explains what this means to existing and future customers:
“The ISO27001 certification gives our customers an independent verification that NTT Europe Online accords a high level of importance to security matters as a company,” says Wheelwright. “The technology involved in securing the customer’s Internet presence is obviously important, but so too are the processes surrounding the management and handling of information: these are often overlooked.”
Wheelwright continues: “The confidence comes from knowing that all NTT Europe Online staff have been sensitised to security matters and that they are contractually bound to follow a complete set of security policies that are externally audited every six months by Lloyd’s Register Quality Assurance. A large part of my work is to identify emerging threats, keep policies current and ensure staff are aware of security issues.”
“Our Business Continuity Plans (BCPs) and the management of them are one of my major responsibilities. The BCPs are designed to ensure that our data centres and head-offices remain available in the event of a disruption or disaster. They have been invoked to deal with scenarios ranging from the July 7 bombings in London to simple office power cuts. Senior Managers and Information Security Groups in each country test their plans at least every six months.”