Crypto APIs, a B2B software-as-a-service (SaaS) platform for building blockchain and crypto applications, announced that it is now ISO/IEC 27001:2013 certified. The certification marks a milestone in the company’s progress as a B2B SaaS that offers users infrastructure to interact with blockchain and crypto.
In order to achieve the certification, Crypto APIs’ compliance was validated by TÜV Rheinland, an independent audit firm. TÜV is one of the world’s leading testing service providers with over 150 years dedicated to improving safety and quality.
“Attaining ISO 27001:2013 builds on the trust with our partners, giving them additional assurance that our infrastructure, operations, and team are dedicated to maintaining the highest security standards. While it is not a mandatory certification for organizations, for Crypto APIs, it is an essential investment and a validation of how seriously we take security, privacy, and data protection.”
– Nashwan Khatib, CEO of Crypto APIs
Importance of ISO/IEC 27001:2013
ISO 27001:2013 is an internationally recognized standard set for information security management systems (ISMS) within the context of an organization. The standard specifies the requirements for establishing, implementing, maintaining, and continually improving ISMS.
It allows businesses to prove to their customers that the information shared with the company is secure. Also, it evaluates the organization’s approach to security threats and vulnerabilities and ensures appropriate controls are put in place to mitigate any security risks.
The ISO/IEC 27001 standard was originally established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in 2005.
A revision with stricter requirements was later adopted in 2013. ISO 27001 is similar to the SOC 2 framework, which is more closely associated with North America. Currently, ISO 27001 is the only globally recognized and auditable security standard for the evaluation of a business’s ability to protect sensitive and confidential data.