Pumping Up the Privacy
The certification is known simply as ISO/ IEC 27001:2013. It is often considered the “gold standard” of information security. Crypto.com received the “honor” after endless third-party security audits that have occurred over the past year. Crypto.com currently serves as an exchange and payment processing center.
The certification develops requirements for “establishing, implementing, maintaining and continually improving an information security management system” within the context of an organization. It also develops methods for companies to work out potential security risks, so their customers are not affected in the event of a hack or data breach.
Jason Lau – chief information security officer at Crypto.com – comments:
The certification demonstrates that cybersecurity and privacy are embedded into the DNA of Crypto.com. These pillars are at the core of our culture which drives our commitment to ongoing improvement of our security posture. This is an important milestone for our team as we build trust with our customers and partners during our global expansion.
The audits were performed by a global certification agency known as Bureau Veritas. The organization examined the many divisions of Crypto.com and rated its products, functions and departments accordingly based on its ever-adapting standards.
Among the products thoroughly examined were the wallet and card apps of Crypto.com. The Bureau studied the company’s security controls and risk factors, to ensure customers would remain untouched should a cyberattack ever take place. In addition, it also examined the company’s methods of approaching cyberattacks and took note of all its present vulnerabilities to ensure they were minimal and fixable.
The big factor regarding ISO/ IEC 27001:2013 is that it focuses on “continuous security,” ensuring whatever company is being audited has what it takes to keep security constant, and not just during the time of an audit. This requires Crypto.com to always stay ahead of the game and maintain its present security standards every year. Any drops or falters in said security could result in the loss of the company’s certification.
Kris Marszalek – co-founder and CEO of Crypto.com – comments:
ISO/ IEC 27001:2013 speaks volumes to our commitment to security and privacy, which has been at the core of our business since we started. We will continue investing aggressively in our people, technology and processes to maintain the highest standard of security in the industry.
What Makes This So Special?
What’s interesting is how specific certifications are looked upon in higher regard than others. One strongly covets the ISO/ IEC 27001:2013 certification, yet many companies look down heavily on the BitLicense, which allows crypto companies to operate in New York. Many believe this document stifles innovation and imposes unfair fees on crypto-based enterprises.