What does this mean for our partners?
Achieving ISO 27001 certification confirms that our systems and processes meet the highest international standards. More importantly, it means our partners can feel confident in how highly we prioritise their data safety and trust.
For us, security isn’t just a technical checkbox; it's a company-wide priority that's embedded in everything we do. You’ll see this in how we hire and onboard our team, how we’ve developed and tested our products, in product development and testing, and in the careful management of student data. Data security is at the core every decision we make.
We believe in transparency. If you want to understand more about how we protect your data or the steps we’ve taken to keep our systems secure, you can learn more here.
What have we done?
Over the last three years, we’ve worked hard to strengthen our approach to security in every aspect of the company; from people to products and everything in between, to meet the latest ISO standard.
This included:
- Completely restructuring our servers and backup solutions;
- Regular independent penetration testing of our external systems;
- Formalising recruitment, risk and change management processes;
- Introducing a threat management tracker;
- Considering information security at the heart of every project.
We have been certified against the latest 2022 standard, which involves a significant restructure of the controls in the previous 2013 standard. It also introduces new controls in areas like cloud services, threat intelligence, readiness for business continuity, and data masking, reflecting the evolving nature of today's digital risks.
We care deeply about information security and are committed to staying ahead of the curve. We’ll continue to review and update our processes and policies to reflect the latest guidance and best practices in data protection and GDPR.
.webp)