Kaspersky achieves ISO 27001 certification

Kaspersky has achieved ISO/IEC 27001:2013 certification; the international standard outlining best practices for information security management systems. Issued by TÜV AUSTRIA, the certification confirms that the company’s data security systems, including Kaspersky Security Network, meet industry best practices.

The certification was validated following an assessment done by the independent certification body TÜV AUSTRIA. It covered management systems of the delivery of malicious and suspicious files using the Kaspersky Security Network (KSN) infrastructure, as well as safe storage and access to these files in the company’s Distributed File System (KLDFS). This includes the company’s data centers in Zurich, Switzerland; Frankfurt, Germany; Toronto, Canada and Moscow, Russia.

“Receiving the ISO 27001 certification is a significant accomplishment for Kaspersky that demonstrates to our customers and partners that the company prioritizes security management controls as well as indicating our verifiable approach to information security. The rigorous audit undertaken for certification confirms that we are committed to the highest levels of data security and marks one more step in our efforts to demonstrate the company’s transparency,” said Andrey Evdokimov, Chief Information Security Officer at Kaspersky.

“TÜV AUSTRIAaims to protect society and businesses from a variety of risks of any nature. As digitalization is the main common trend of the world’s developments it creates both significant opportunities and major risks as public and/or private information could be lost or corrupted. So we appreciate it very much that such a significant global market player as Kaspersky shows its commitment for following the internationally recognized standard for information security management,” commented Detlev Henze, Head of TÜV AUSTRIA Group’s TÜV TRUST IT GmbH.

Certification is publicly available in the TÜV AUSTRIA Certificate Directory and also on the Kaspersky website here. The ISO 27001 audit is yet another step in the Global Transparency Initiative, announced in 2017, to further ensure its partners and customers that the company’s products and services are not only the best when it comes to protection from cyber threats, but also treats customer data with the highest level of respect and care. In 2019 the company achieved the SOC 2 Type 1 audit, issued by one of the Big Four accounting firms, which confirms that the development and release of Kaspersky’s AV databases are protected from unauthorized changes by strong security controls.