Paf is the first gaming company in the world to get the ISO 27017 certification, which means that the company’s cloud technology is ISO certified. The certification is the highest excellence available for security and safety in regards to cloud technology.
“Extending our ISMS into ISO 27017 was a natural next step for Paf. While sustainability is important in other general aspects of business, demonstrating business resilience by means of information security is also important for Paf’s posture in the industry. Paf evolves with changing technology with information security management embedded into it,“ says Paf’s Senior ISMS Specialist Jaiyashri Prakash.
First in the world
Passing the ISO 27017 certification means that Paf is the first company in the world in its industry to be given it.
“This is a premiere for us in many aspects and the main one we could highlight is that we are the first in Åland but also in our industry to have been able to get it, so a world premier for Paf. As threat landscapes get more sophisticated, Paf engages in a continuous improvement paradigm for information security as well,” says Paf’s Chief Technology Officer Francois Maugis.
A code of practice
The ISO 27017 certification is a code of practice that outlines additional information security controls, specifically to cloud service providers and customers. In other words, these guidelines help analyze vulnerabilities and minimize the potential risk of security incidents. Paf regularly reviews the effectiveness of the company’s ISMS (Information Security Management System) in line with the policy and procedures.
“In the most recent review Paf successfully passed the ISO 27017 certification, aka Cloud ISO, without a single non-conformity. This shows that we are on the top of our game, when it comes to tech security,” says Francois Maugis.