It’s a big milestone - one that recognises our top-tier security standards and commitment to keeping our customers safe.
Spotlight Reporting is recognised with top-tier Global Security Certification
As a testimony to our ongoing commitment to delivering the best service, and putting our users - you - first, we’re excited to announce that we have officially received our ISO27001 certification. As an international standard to manage information security, this widely known certification is a clear way we can highlight our high level of security as we continue to evolve and grow.
The certification is designed to provide a control measure for IT and data security, to ensure those seeking solutions and services can rest assured they’re in safe hands.
While each auditor will test slightly different controls within an organisation, overall the standard is based on the same areas that pose potential risk within an information security management system (ISMS). Each time the certification is delivered, it’s tailored to the organisation in question to ensure the same level of stringency is upheld.
Looking specifically at ISMSs, the standard outlines best practices for data protection and cyber resilience. It thoroughly and rigidly considers the scoped area, be that the entire organisation or one department. This particular certification is also known to adapt to the ever-changing world of technology, ensuring it’s fit for our modern world.
The audit process was broken down into three main stages: an informal review of our ISMS, a more detailed and formal compliance audit including intensive testing, and follow-up reviews or audits to make sure our security practices are ongoing and compliant.
Throughout the process, Spotlight Reporting’s ISMS was systematically and thoroughly examined for information security risks, including any threats, vulnerabilities and impacts. We were also audited on our implementation of coherent and comprehensive cybersecurity measures that successfully mitigate potential risks. And finally, we were tested on our overarching management process that underpins our security systems and processes.
At Spotlight Reporting, we have long understood the importance of establishing and maintaining healthy cybersecurity measures, especially as our systems and solutions are trusted with important and sensitive data and information.
At present, we’ve been trusted to take care of thousands of the world’s most innovative accounting firms, trusted advisors, and businesses, as they work across different geographies, currencies and integrated systems.
When it comes to our software, we’ve implemented several core practices to uphold the integrity of our security. This includes the following:
Users are governed by admin control
Data is encrypted in transit and at rest
Users own and control all of their data
A Spotlight Reporting account is accessed with two-step authentication
24/7 monitoring ensures threats are caught around the clock
GDPR standards are complied with
Failover databases store regular backups
Physical access to Spotlight Reporting data centres is strictly controlled
To download our ISO27001 certification or to find out more about our key security features, click here.