Mimecast Attains ISO/IEC 27001 Security Certification

Mimecast®, the leading supplier of cloud-based email archiving, continuity and security for Microsoft Exchange and Office 365, today announced that it has attained the ISO/IEC 27001 security certification.

Mimecast chose to become certified against the ISO 27001 framework as part of its ongoing mission to support clear, customer-friendly security standards for the cloud computing industry. Having an ISO 27001 compliant system helps customers make informed choices about their cloud security services and ensures vendor accountability.  Mimecast also recently announced that is has published its security controls in response to the standards set by the Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR), becoming one of only three suppliers to have provided access to their security controls. 

“Cloud computing has the potential to revolutionise the role of the IT team,” explained Mark O’Hare, Group Information Security Officer, Mimecast. “By taking away the burden of managing a complex on-premise infrastructure, IT teams can now focus on more effective use of the organisation’s data to deliver genuine business insight. Before IT teams can realise the potential of this data, however, they need to secure it. Cloud providers can help with this process by making sure that entrusting data to the cloud isn’t a leap of faith. Standards such as ISO and the Cloud Security Alliance’s STAR are vital because they help customers make an informed decision about which cloud providers they can trust with their data.”

 “At Mimecast, we are pursuing a ‘Defence in Depth’ approach, and achieving the ISO standard demonstrates our commitment to implementing, documenting and improving our defensive processes,” continued O’Hare. “It is of the utmost importance to us, as a company, to provide our customers with a guarantee of our dedication to information security, and an assurance that their information is being protected to the highest possible industry standards. Achieving a standard like ISO 27001 is fundamental to this approach, demonstrating that organisations do not have to think twice before entrusting their data to Mimecast.”

 Michael Brophy, CEO, Certification Europe commented, “In achieving certification to ISO 27001, Mimecast has joined the ranks of a select few. The company does not just talk about information security, but has stepped forward and subjected itself to independent and impartial assessment as a means of proving its credentials. The company should feel rightly proud that its procedures for protecting information have been tested and proven to operate to the very highest international standards, giving peace of mind to its customers and staff alike.  ISO 27001 is a very challenging task, and I congratulate Mark and his team on a very significant achievement.”

 Achieving the ISO/IEC 27001 standard involves a three stage security audit; including an initial review of the company’s ISMS, followed by an in-depth, formal compliance audit to test the company’s ISMS against the standard’s requirements. Finally, the company must complete regular follow-up audits to confirm that the organisation remains in compliance with the standard. Mimecast’s certification audit assessment was conducted by Certification Europe, an accredited leading international certification body, in February 2012.

ISO/IEC 27001 defines a set of best practice information security controls around which businesses can develop an Information Security Management System (ISMS). Established in October 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission, ISO 27001:2005 is designed to ensure that businesses are implementing security in a consistent, coherent and cost-effective manner.

For more information on Mimecast’s security offerings, please visit: http://www.mimecast.com/What-we-offer/Email-Security/secure-email-gateway/.

About Mimecast

Mimecast (www.mimecast.com) delivers cloud-based email management for Microsoft Exchange, including archiving, continuity and security. By unifying disparate and fragmented email environments into one holistic solution that is always available from the cloud, Mimecast minimizes risk and reduces cost and complexity, while providing total end-to-end control of email. Founded in the United Kingdom in 2003, Mimecast serves over 5,000 customers worldwide and has offices in Europe, North America, Africa and the Channel Islands.