Initially, in 2018 we have certified the entire company across all locations against international standards ISO 9001 (Quality Management System) and ISO 27001 (Information Security Management System). Recently, we have proven the efficiency of our quality and information security management systems successfully passing the second annual surveillance audit on conformance to the mentioned standards.
Besides, in order to improve our cybersecurity posture and on-request from a number of our clients, mainly from Northern America, we took up another challenge and undergone SOC 2 Type 2 audit. It’s worldwide recognized as a most detailed and aggressive type of security audits, technical one. SOC2 defines criteria for managing client data based on five “trust service principles”—security, availability, processing integrity, confidentiality, and privacy. And we are proud to announce that this week we have received our already the second report. It details the design and operational effectiveness of ELEKS systems across the whole 2019.
If something can be made better – we make it better. HITRUST certification, a standardized framework for the measurement of compliance in relation to PHI/PII data, is in our roadmap for the second quarter of 2020.
Dealing with clients across all the globe, we also realized that the quality and security of our products and services is a baseline. What our clients really want from us, especially in terms of long-term relations, is to be sure that we can continually provide our services no matter what happened. For that purpose, we have developed and established a rigorous business continuity strategy that encompasses a variety of action plans for different adverse situations, from fire and power loss to global pandemic. Those plans, as well as disaster recovery capabilities, are tested annually.
To a great degree, it helped us to prepare for the latest difficult situation and global COVID-19 pandemic. Indeed, it would be better if those plans didn’t come in handy. But thanks to the readiness of our resources, including infrastructure, organizational instructions, and trained people, we were able to quickly and effectively switch to the remote work.
In particular, we have done the following measures to be prepared to COVID-19 impact:
- Prevention activities before the remote work plan invocation – Communications from CEO, prevention advice, hand sanitizers distribution, cleaning and sanitizing of office premises on more regular basis;
- Organization of remote work – “Remote Access Guideline” was distributed to ELEKS specialists; Invocation of “work from home” process in fully manner across all ELEKS offices with prior testing of all arrangements for remote work ; Organization of supporting processes from IT Infrastructure/IT Ops and CIS departments with involvement of Physical and Information Security departments; All events organized and initiated by ELEKS are postponed at until the end of quarantine;
- Organization of controlled travel and post-travel activities – Prevention advice to limit travels to business-critical only with further recommended working from home until the end of quarantine; Full restriction or postpone for all nonessential travels; Post-travel quarantine for 14 calendar days
- Support and coordination during the quarantine – Support and coordination during the quarantine – continuous communication on the organization of work; support in any resolving any issues and questions from ELEKS personnel; real-time monitoring of IT infrastructure performance and capacity, communication; monitoring of cybersecurity threats.
It’s a tough time now. We still need to face the impact of a pandemic on society and business. But what we know certainly, that as long as our company consists of such a highly skilled, dedicated professionals, with shared values and commitment to quality work, we can proudly go through all the difficulties.
