We live in an uncertain world and monitoring should try to ensure that whatever happens we will always stay informed.

Therefore, security is the basis of everything in monitoring and for us it has always been one of the pillars of our strategy as a product.

You still didn’t know it? Pandora FMS gets ISO/IEC-27001

Security is not a technology, it is a way of thinking and acting, we could even say that it is an attitude.

For years we have attended international fairs and events where computer security is offered as specific products.

Many people may think that by buying products you reinforce your company’s security, but no, that is only a small part of it.

Security is about changing the way we manage the whole organization, from how we share information to how we use systems.

Pandora FMS has always been aware of that and you may see it in our security architecture guide, our GDPR compliance guide -which is also valid for regulations such as PCI/DSS- and of course, because as a company we are certified with ISO 27001.

We don’t boast about it, but we are also one of the few commercial software vendors with a public vulnerability disclosure policy.

Certification ISO 27001 provides us with important backup towards our national and international clients, many of whom request information from us about our business continuity plans, the security of our development and implementation processes, what protection measures of information privacy we have in force and how we control the information available to our suppliers.

We understand that for them it is as important or even more than for us and having a certification that strongly supports us is something to be proud of.

Many of our clients are pharmaceutical companies, financial institutions – some over a century old – and government entities.

Due to confidentiality contracts we cannot mention their names, but large and small, to a greater or lesser extent, everyone is concerned about aspects related to information security.

Today we can proudly say that not only do we also care about it, but that we have proven our commitment.

But what is ISO/IEC 27001?

ISO/IEC 27001 is a standard for information security (Information technology – Security techniques – Information security management systems – Requirements) approved and published as an international standard in October 2005 by the International Organization for Standardization and by the International Electrotechnical Commission.

It specifies the necessary requirements to set, implement, maintain and improve an information security management system (ISMS) according to what is known as the “Cycle of Deming”:

PDCA – acronym for Plan, Do, Check, Act.

It is consistent with the best practices described in ISO/IEC 27002, formerly known as ISO/IEC 17799, with origins in the BS 7799-2: 2002 standard, developed by the British standards body, the British Standards Institution (BSI).