Our security & privacy certification initiative
SkyKick takes its responsibilities with regards to data protection, information security, and compliance extremely seriously. We continuously work on improving our services by which we protect and secure your and your customers’ data.
SkyKick systems, policy, processes, and procedures are actively aligned with and audited on industry-recognized standards and best practices, such as the Cloud Security Alliance STAR program, the worldwide recognized cybersecurity standard ISO 27001, and the industry leading Data Pro Code on data protection and privacy.
More information on the SkyKick Cloud Security Alliance Trusted Cloud Provider Seal, its ISO 27001:2013 certification and Data Pro+ certification which were attained through its rigorous security & privacy compliance program and independent third party audits can be found below.
Cloud Security Alliance – Trusted Cloud Provider
As a part of its continued commitment to providing Partners and Customers with top-notch security and privacy controls SkyKick has partnered with the Cloud Security Alliance, a global non-profit organization that promotes best practices for cloud security and provides a globally recognized framework for evaluating cloud providers.
SkyKick has obtained the Trusted Cloud Provider seal and the STAR (Security, Trust, Assurance & Risk) Level 1 (L1) from the Cloud Security Alliance. The STAR L1 attestation process is a rigorous self-assessment of a cloud provider’s security & privacy compliance posture, based on the Cloud Control Matrix as published by the Cloud Security Alliance.
The Cloud Control Matrix also maps to other industry standards and frameworks, giving SkyKick Partners and Customers a clear insight into the technical and organizational measures that SkyKick has already implemented in relation to ISO27001, ISO27701, CIS v8.0, NIST SP800-53 and the SOC2 (Service Organization Control 2) Trusted Service Criteria.
The Trusted Cloud Provider seal from the Cloud Security Alliance further demonstrates SkyKick’s full commitment to meet industry best practice and standards of excellence in security, privacy, and reliability through providing secure and trustworthy cloud services to Partners and Customers, which is further backed up by its existing ISO27001 and Data Pro certifications.
ISO 27001 Certification
Like most ISO management system standards, certification to ISO 27001 is not obligatory. Some organizations choose to implement the standard in order to benefit from the best practices it contains while others decide they also want to get certified to reassure customers and clients that its recommendations have been followed.
Certification by a certification authority demonstrates commitment to proactively manage and protect information and assets and ensure compliance with the relevant legal requirements. ISO 27001 details requirements for establishing, implementing, maintaining, monitoring, and improving an organization’s information security management system.
SkyKick has worked diligently on implementing its global information security management system in adherence to the ISO 27001 standard and partners with DNV as its main certification authority for its certification effort.
SkyKick currently holds an ISO 27001:2013 certification which applies to its partners and customers in the EMEA, APAC and Canada, and is actively working on expanding the scope of its ISO 27001:2013 certification to cover its entire worldwide operations.
Data Pro Certification
The Data Pro Code is the first code of conduct approved by the Dutch Data Protection Authority and is a Code of Conduct as defined under article 40 of the GDPR. For data processors, the Data Pro Code is an instrument to demonstrate compliance with the GDPR and handling customer data in a secure and privacy-friendly manner.
The eight principles in the Data Pro Code represent a concrete implementation of the GDPR legislation and ensures openness and accountability towards customers.
The Data Pro Code was developed by NLdigital, the main industry association for companies driving digital transformation. With recognizable members such as industry leaders Microsoft, Lenovo, T-Mobile, and Vodafone driving the spear of the initiatives, SkyKick was involved from an early stage.
As of its entry into the European Market, through its Dutch subsidiary and EMEA HQ, SkyKick immediately subscribed to and applied the Data Pro Code to demonstrate that personal data it is entrusted with is managed in a professional and GDPR-compliant manner.
SkyKick actively seeks to support its partners and customers to navigate the complexity of adhering to the GDPR. The Data Pro Code offers clarity and transparency on what they are entitled to expect. SkyKick has been certified against the Data Pro+ Code, which demonstrates GDPR compliance commensurate to the partners and customers it serves.
For further details on SkyKick’s ISO 27001:2013 and Data Pro+ certification, and its global certification roadmap please send an email to firstname.lastname@example.org.