ISO 27001 – Protecting data

secure_padlock  Xenplate is trusted to collect, store and process millions of private records and L2S2 treats this responsibility very seriously. In 2014 L2S2 decided to achieve ISO 27001 accreditation, the internationally recognized standard of excellence for IT security.
A proper implementation of ISO 27001 involves every company member; it requires attention to detail, meticulous record keeping and guided behaviours to ensure that procedures are followed carefully. Meeting these requirements required two distinct phases of work: first, a thorough analysis of the work processes with the creation of written procedures and flow diagrams to ensure the business was fully understood and second the translation of the design into a cost effective solution that could be used by all members of staff without having a major effect on efficiency.

Unsurprisingly, Xenplate was used to implement the company systems and proved to be successful as ISO 27001 accreditation was achieved with the British Standards Institute only four months after deciding to commit.
Every member of staff uses Xenplate to enter their timesheets, server access, risk analyses etc and the system brings everything together for the audits. L2S2 also passed the second year audits 100% first time.
L2S2 maintain ISO 27001 accredited hosting facilities for the Xenplate Private Cloud in two separate geographic locations in the UK. Xenplate provides automatic failover between the two sites to ensure continuous mobile device operation.
All data storage and transfer is encrypted (AES256) and each customer is provided with a separate database. In critical applications and on customer request dedicated servers are provided to ensure complete isolation from other customers.
Fibre connections with copper backup is used for both the Internet and NHS N3 connections with sufficient capacity to allow thousands of devices to be deployed quickly. Dark fibre is available at the primary site to allow rapid scalability when required.