Group of smiling people, some wearing Druid company shirts, standing together indoors. In the center, two men are shaking hands while holding a framed ISO/IEC 27001 certificate, symbolizing an achievement or certification. A variety of certificates can be seen displayed on the wall in the background.
28.11.2024
Kirsi Vatanen

Druid Achieves ISO/IEC 27001 Certification: Security as Part of Our Customer Promise

Druid Oy has been awarded the ISO/IEC 27001:2022 certification following an external audit, underscoring the company’s commitment to high information security standards. This certification demonstrates that Druid’s information security management processes meet the internationally recognized standard aimed at protecting customer data and the company’s own information as comprehensively as possible.

The ISO/IEC 27001 certification covers Druid’s customer-specific software and web service development and maintenance, as well as internal business processes.

“The changing landscape of information security requires companies to invest more than ever before. We wanted to invest in certification to prove to ourselves and our customers that our information security processes are robust,” says Mikko Hämäläinen, CEO of Druid.

Why Information Security Matters to Our Clients

“Addressing information security in our daily work is not just a certification requirement, it’s also a vital part of Druid’s customer promise,” emphasizes Production Manager Pasi Järnstedt. “Our customers deserve not only first-class digital services but also the confidence that these solutions meet all accessibility, privacy, and information security regulations. A certified information security management system is one proof of our ability to handle compliance matters and, hopefully, improve our clients’ peace of mind.”

Continuous Improvement

The ISO/IEC 27001 certification was carried out in collaboration with KIWA Inspecta, who assessed and verified Druid’s information security management capabilities and practices. The certificate is valid for three years, with annual audits of Druid’s procedures to ensure the continuity of information security.

Improving information security is an ongoing process. We continuously maintain and develop our information security management system. New threats and security risks arise all the time, and we adopt new tools or practices to improve our overall security. The annual audit ensures that our management system evolves and that our operations meet its requirements.

What Does ISO/IEC 27001 Mean for Our Customers?

The ISO/IEC 27001 certification confirms that Druid has the required information security measures in place to protect customer data and ensure the confidentiality, integrity, and availability of information.

“For most of our clients, the services provided by Druid are critical to their business operations and contain confidential information. Therefore, security breaches in web services can significantly impact data availability, service usability, and the overall level of public data security and privacy. Certification shows our clients that we actively develop our security practices and can respond to potential incidents in a controlled and professional manner,” explains Pasi Järnstedt.

About Druid

Druid makes complex and challenging web development simple and effortless – we excel in our technical expertise and understand the regulatory landscape of web services. The result is high-quality, customized solutions for digital customer engagement, whether it’s websites, e-commerce, or self-service solutions. Our solutions share a foundation in open-source technology and a strong desire to help our clients succeed.

Big Questions About ISO?

Do you want to know more about ISO/IEC 27001 information security standards or hear about our experiences with implementing the management system? Get in touch!

Author

Kirsi Vatanen

Marketing Manager