ISO27001 is a well-known standard in the traditional financial sector, fintech companies are getting mature enough to adapt such a comprehensive IT security framework. ISO27001 has been available for a while, however the first company applying blockchain technology has been certified just recently.
ISO/IEC 27001
The ISO/IEC 27001 is the best-known standard in the ISO/IEC 27000 family that provides the specification for an information security management system (ISMS). The standard was developed to „provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system” as per ISO’s documentation.
The ISO/IEC 27001 was originally published back in 1995. The latest version of the standard came in 2013 and has only received some minor updates since. Organizations that follow the recommendations laid out by the ISO/IEC 27001 standard can gain certification by an accredited certification body following the successful completion of an audit.
With the ever-increasing threat of information leakage and theft through hacking and unintentional internal incidents, ISO/IEC 27001 has become a staple in the information security area.
The motivation behind acquiring such certificate is to reassure customers and stakeholders that the organization has implemented reasonable protection around clients’ information.
The Blockchain Perspective
Blockchain technology has been designed around the concepts of transparency, accountability, and security. Information security gurus and financial freedom activists have long been singing the songs of the blockchain technology’s potential to lend its powers to the financial sector. However, the cryptocurrency industry took the spotlight away from blockchain while it developed and matured behind the curtains.
Now, it seems the technology is ready to fulfill its potential. In a first, Binance – one of the top cryptocurrency exchanges worldwide – has been awarded ISO security accreditation for following the ISO/IEC 27001 standard. The firm was audited by Norway based DNV GL, an international accredited registrar and classification society, and the United Kingdom Accreditation Service, a national accreditation body that evaluates firms on a variety of standards.
The accreditation is a huge leap forward for the blockchain technology. It validates the claims made about the technology’s potential in the financial sector over the last decade. Binance’s successful campaign to receive this certification also highlights that blockchain as a whole is ready for the customers’ trust. Other blockchain companies can follow Binance’s example and build confidence for this emerging technology by following the ISO/IEC 27001 standard.
The blockchain division at TrustaaS provides security audit, consultancy, operations and development services for enterprise clients looking to implement blockchain-based projects. As an ISO/IEC 27001 Lead auditor and with our extensive track record in financial services and other industry verticals, we are uniquely qualified to provide consultation and operation services regarding ISO/IEC 27001 compliance for the blockchain technology.
Contact us now to get immediate guidance how to apply the standard for your blockchain system.