We practice what we preach
We understand the importance of information security and treat your data as we do our own
UKAS Certified ISO 27001: 2013
Alliantist, the organisation behind ISMS.online, is UKAS certified for ISO 27001: 2013, (registration number IMS UK/01/1024328520). That scope covers our whole organisation, the people in it and our services including ISMS.online.
In terms of the supply chain, our data centre partners are also world class and have the same or equivalent accreditations too. Data is stored in UK datacentres. Other suppliers that need to, also have their own certified ISMS or follow our policies and controls.
Pan UK Government Accreditation and PSN Certification
Alliantist also delivers services to meet high levels of information security which means our overall practices go beyond the scope of ISO 27001. In fact, Alliantist was the only supplier of its type that achieved Pan UK Government Accreditation for its government clients when that was required for early GCloud frameworks. We still work to those high standards and hold PSN Certification.
We have also met the requirements for the original HMG Security Policy Framework and the related policies and controls as part of the pan-government accreditation of another product in the Alliantist suite, the pam platform. These include undertaking Baseline Personnel Security Standard (BPSS) checks and other vetting on new hires in addition to the other UKAS certified ISO 27001:2013.
We are compliant with the General Data Protection Regulations, which demonstrates that we handle personal data responsibly and in accordance with the law.
In the unlikely event that things go wrong, you can be confident that we have insurance for Professional Indemnity for Technology Companies, Public and Products Liability, Employers’ Liability, as well as Cyber and Data Crisis Containment.
Cloud Security Principles
Alliantist works to the Cloud Security Principles advocated by the National Cyber Security Centre NCSC.
ISMS.online offers 2-factor authentication (2FA) for its customers. All Alliantist staff also operate with 2FA on (where offered) for all services they need to deliver and support ISMS.online.
The platform undergoes at least an annual penetration test in line with CHECK testing standards and also has further tests whenever there is a material change.
The organisation has achieved Cyber Essentials certification in line with the IASME standard.