Information Security ISO27001

Secure server roomPreview are proud to have achieved accreditation to BS ISO/IEC270001:2005. The BS ISO/IEC 27001:2005 standard requires that an organisation has implemented comprehensive information security controls to address any potential information security risks in its systems.

They also require the implementation of a management process to ensure that these controls continue to meet the organisation's information security needs on an ongoing basis. The ISO 27001 certification is a demonstration of Preview’s firm stance on data security, with that of their clients’ data being of the very highest priority.

In addition to ISO recognition, we rigorously maintain a number of additional internal data security standards and controls, ensuring protection and care of client information. By demonstrating this commitment, Preview is routinely trusted to protect and manage vast client databases and archives.

Our information security management systems (ISMS) oversee all three critical security domains; Operational, physical and systems security. We lock down all access to our facilities and data centres. We implement tried and tested access, hazard and environmental control systems to protect physical and electronic material. Our police vetted security personnel then monitor our hardened systems from the inside.

Preview Security: At a Glance

 

Physical Security

  • Facility access limited by security staff and technicians
  • Passcode access to critical facilities & data centres
  • CCTV monitoring & telemetry across operations.
  • Unmarked locations for low profile
  • Independent 3rd Party security audits
  • Vehicle fleet remotely tracked & monitored 24/7

Systems Security

  • Dedicated firewalls and SSL-encrypted data tunnels
  • Independent system penetration audits
  • Managed Data Backups
  • Intrusion detection to provide additional security layer
  • Risk and security assessments by dedicated security teams

Operational Security

  • ISO27000 based security policies and procedures
  • ISO27000 reviewed regularly as part of audit process
  • Police vetted staff are trained on related information security and privacy procedures
  • All physical and electronic access logged and tracked
  • Fully documented ISMS procedures
  • Audited disaster recovery & continuity plans
  • Intrusion detection to provide additional security layer
  • Risk and security assessments by dedicated security teams