As an ISO certified solution, Netsend ensures maximum security for e-invoicing and electronic document distribution. Recently awarded ISO 27001:2013, Netsend provides the assurance of ISO compliance when distributing business critical and sensitive documents.
What is ISO 27001:2013?
The ISO 27000 family of standards is designed to ensure the security of information assets within organisations. ISO/IEC 27001 is the specific standard providing requirements for an information security management system (ISMS). As such, it provides the perfect framework for security in sensitive information handling by solutions such as Netsend.
ISO/IEC 27001:2013 is often shortened to simply ISO 27001, as the 2013 denotes the most recent revision of the standard – superseding the 2005 revision. Of particular note, the 2013 revision includes requirements around outsourcing, and organisational context of information security. These changes better align the standard with other management standards such as ISO 9000 and ISO/IEC 20000.
ISO 27001 compliance ensures:
1. Assessment and management of the organisation’s information security risks, considering threats, vulnerabilities and impacts.
2. A coherent and comprehensive suite of information security controls and other forms of risk treatment to address risks identified in point 1.
3. Ongoing management process, including regular audits, to ensure information security controls continue to meet security needs.
- Risk assessment
- Security policy
- Organization of information security
- Asset management
- Human resources security
- Physical and environmental security
- Communications and operations management
- Access control
- Information systems acquisition, development and maintenance
- Information security incident management
- Business continuity management
What is the importance of ISO compliance in e-invoicing?
E-invoicing inherently involves sensitive information, demanding the utmost rigour in information security. ISO 27001 is a natural fit for any organisation looking to apply the rigorous approach of ISO standards to their information security in general, and e-invoicing as a subset of this.
E-invoicing places sensitive billing information into the hands of electronic systems. Without external auditing and determination of compliance with a specific set of standards, such as that offered by ISO 27001, there is no assurance that this information is being handled in the most secure manner.
As e-invoicing fast becomes the standard for invoicing, it is of paramount importance that businesses do not allow this sensitive information to be accessed or modified by unauthorised individuals or systems. E-invoicing presents many security, as well as efficiency, benefits beyond traditional paper invoicing, and ISO 27001 compliance further strengthens this position.
ISO compliance and Electronic Document Distribution
ISO 27001 compliance provides an assurance that documents will be distributed securely via electronic document distribution. As an increasing number of businesses turn to electronic document distribution for faster, more secure and lower cost distribution of business documents, it is imperative that businesses support this trust through the use of secure and compliant electronic document distribution solutions.
Netsend distributes over 1.5M secure documents each month for global businesses such as 20th Century Fox, easyJet, Pizza Hut and Total Gas and Power. With documents typically containing sensitive financial information (such as e-invoices/e-bills), Netsend has a duty of care to ensure the very highest standard of security in distribution and handling. ISO 27001 supports this through a precise set of recommendations and best practice applicable to the systems that handle this information.
Should you consider ISO 27001 compliance?
If you are looking to implement e-invoicing/e-billing or electronic document distribution for sensitive documents, you should seek out a solution that is ISO 27001 compliant. Without this, there is no assurance that the solution will deliver the level of security your customers need.
Whilst ISO 27001 isn’t a legal requirement, it provides greater assurance that you won’t make the headlines as the next ‘customer data breach’ story. Ensure you ask any e-invoicing or electronic document distribution solution provider for evidence of their ISO 27001 certification.
You can find the Netsend ISO 27001 compliance certificate here.