We live in an uncertain world and monitoring should try to make sure that whatever happens we will always be informed. Therefore, security is the basis of everything in monitoring and for us it has always been one of the pillars of our strategy as a product.

Security is not a technology, it is a way of thinking and acting, we could even say that it is an attitude.

For years we have attended international fairs, events where computer security is offered as specific products. Many people may think that by buying products you reinforce your company’s security, but no, that is only a small part. Security is about changing the way we run the organization, from how we share information to how we use systems.

Pandora FMS has always been aware of this, and it can be seen in our security architecture guide our guide to GDPR compliance which is also valid for regulations such as PCI/DSS and of course, because as a company we are ISO 27001 certified.

We don’t boast about it, but we are also one of the few commercial software vendors with a public vulnerability communication program.

ISO 27001 certification provides us with important backup towards our national and international clients, many of whom request information from us about our business continuity plans, the security of our development and implementation processes, what protection measures of the privacy of the information we have and how we control the information available to our suppliers.

We understand that for them it is as important or even more than for us and having a certification that strongly supports us is something to be proud of. Many of our clients are pharmaceutical companies, financial institutions – some over a century old – and government entities. Due to confidentiality contracts we cannot mention their names, but large and small, to a greater or lesser extent, everyone is concerned about aspects related to information security.

Today we can proudly say that not only do we also care about it, but that we have proven our commitment.

ISO/IEC 27001 is a standard for information security (Information technology – Security techniques – Information security management systems – Requirements) approved and published as an international standard in October 2005 by International Organization for Standardization and by the International Electrotechnical Commission.

It specifies the necessary requirements to set, implement, maintain and improve an information security management system (ISMS) according to what is known as the “Cycle of Deming “: PDCA – acronym for Plan, Do, Check, Act (Plan, Do, Check, Act). It is consistent with the best practices described in ISO / IEC 27002 , formerly known as ISO / IEC 17799, with origins in the BS 7799-2: 2002 standard, developed by the British standards body, the British Standards Institution (BSI).