The FlyFreely drone management platform has achieved rare airs in its field, achieving an ISO 27001 certification for information security.
SAI Global certified the Brisbane-based startup after it demonstrated its ability to protect and maintain the integrity of customer data.
FlyFreely co-founder and CTO Dr. Nigel Sim said it was the culmination of 6 months of work to ensure their processes and procedures met their rigorous requirements.
“Information security has been important to us from day one. This certification is the next step for us on that path. It’s great validation that we’re doing the right thing,” she said.
“We’ve always known that we take security seriously, but to have an independent third party come in and confirm that shows that we do what we say we do.”
ISO 27001 certification is globally recognized as the gold standard for protecting customer data.
Dr. Sim said that the FlyFreely team had been improving the security of their systems and processes for some time, so when it came to verification, it was about providing evidence of how it had been done.
“As we’ve seen recently, it’s critical that companies do everything they can to protect customer data,” he said.
“One of the first questions that large organizations ask themselves is if we have this certification, and now we can say yes.”
Dr. Sim said that he believed it was important for companies to be open and transparent about the mechanisms they had.
“None of us can completely eliminate the risk of cybersecurity breaches, but we can do everything we can to prevent them and have a plan to respond.” he said.
“If it happens, it’s about informing those affected, containing the breach and understanding how to prevent it from happening again.
“You do that by having the right processes to start with.”
ISO 27001 certification recognizes organizations that have implemented best practices for information security management.
The standard is based on a risk management approach and provides a framework that companies can use to identify, assess and manage risks to their information and information systems.
