Suresnes, September 7, 2017 – CrossKnowledge, a world leader in Digital Learning, announces that it has obtained ISO 27001:2013 certification in Information Security Management for its SaaS solutions. With this certification, CrossKnowledge demonstrates its continued commitment to ensuring the confidentiality, integrity and availability of its customer data, and compliance with the European Union’s General Data Protection Regulation (GDPR) months before it comes into effect.
ISO 27001:2013 certification: an internationally recognized information security management standard
ISO 27001:2013 certification demonstrates and upholds best security practices and a managed approach to data protection, including risk, governance and compliance. In practical terms, this means that all operations which access customer data must comply with exacting standards that go well beyond mere hosting.
CrossKnowledge wanted to go even further by extending certification to the IT operations teams that manage these environments, ensuring a fully secure end-to-end service. The resulting certification instills all staff and sites with a responsibility for secure technical operations such as managing systems, implementing backups, updating applications or managing access to the training platform for new entrants.
“Certification applies not only to our hosting activities, but also to all teams involved in customer data-related operations in France and Brazil, with both sites being certified. It’s a huge competitive differentiation factor in the SaaS e-learning market. Our clients – some of whom are themselves certified – were calling for this, and so we couldn’t break the chain of security and trust,” explains Vincent Alloo, Director of Technology at CrossKnowledge.
GDPR regulations: anticipating company requirements
In view of the forthcoming introduction of the GDPR regulations on 25 May by the European Union, which represents a step change in data governance in all respects, CrossKnowledge is enabling its corporate clients to prepare using one of the pillars relating to data on staff training. It is a potentially crucial pillar, because this law will bypass national laws in every country of the European Union, and non-compliant companies will face heavy financial penalties.
“As this is a globally recognized standard, it will facilitate CrossKnowledge’s international growth by offering an enhanced assurance of protection and information security for clients located overseas, where data compliance is very strict. The associated time-saving benefits are also a key advantage. Our clients will be able to have total confidence in our fully secure services ahead of the mandatory implementation of the GDPR. With this law, companies in the 27 EU member countries will be required to take the necessary measures to protect their customer and employee data or face severe penalties. In this respect, ISO 27001: 2013 satisfies the electronic side of the requirement. So this is a foundation on which to build GDPR compliance,” said Alloo.
With more than 12 million users in 130 countries, CrossKnowledge is a world leader in digital learning. CrossKnowledge solutions are aimed at companies and organizations of all sizes, enabling them to execute their training strategy successfully by developing the skills of all staff members in a measurable way. The solutions are based on world-class content, a social and mobile learning experience that integrates the latest advances in educational research, and 17 years of experience with best practices in the deployment sphere. CrossKnowledge is part of the Wiley Group.