Vercom S.A. public company, to which the EmailLabs project belongs, has successfully completed the ISO 27001 Surveillance Audit and ISO 27018 Certification. Both audits confirm that organization’s information security management system aligns with the most recent information security best practices and apply the international standard for protecting personal data in the cloud.
The scope examined by the auditor is creation and development of CPaaS solutions that enhance customer communications management, including email, SMS and PUSH. The Statement of applicability dated 05.08.2022 applies. The certification process of the information security management system was carried out by LLC-(Certification) Czech Republic a.s, Prague.
Vercom implements the information security policies, procedures and guidelines specified in ISO/IEC 27001 and ISO/IEC 27018. One of the most important is the formal procedures we have implemented for granting access to data. In our daily work, we follow the principle that only authorized employees have access to data. It’s the principle of least privilege that we always have in mind, minimizing the necessary and legitimate access, which is always restricted due to employee’s job function. For each access, an identifiable person or automated process is responsible.
We have a business continuity plan with relevant sections on incident and crisis management, resilience, backups and disaster recovery procedures. The BCP plan is undergoing annual testing. This year, the subject of these tests was data restoration process during which we refined and approved the latest version of the backup management procedure, that complies with ISO 27018.
Vercom conducts a risk assessment at least once a year to identify, evaluate and prevent information security issues. This year, the organization’s risks included data management processes in cloud computing. EmailLabs’ services were identified as compliant with the public cloud requirements, and its various elements were described – with reference to the PFSA’s cloud announcement by a law firm. A risk management plan was defined and approved.
At Vercom, we have a formal process for managing change, involving IT changes in particular. More than a year ago, we have also introduced a vulnerability management procedure with regular updates to ensure continuous system integrity and timely mitigation of emerging security threats. The organization requires strict data separation of production from development or test environments. We implement periodic penetration tests both within the organization as well as performed by third-party companies.
Vercom continuously raises user awareness and implements appropriate audits and policies for virus detection and prevention, as well as for data recovery. Apart from annual GDPR and ISO training, we conduct employee workshops run by our pentester and security engineer on the most recent risks of personal data. This year, we introduced additional cybersecurity training sessions delivered on a weekly basis to raise employees’ awareness on cyber threats. The organization is subject to regular internal and external audits to improve its practices.
How Apple Mail privacy updates affect email open rates? Although the new privacy policy for Apple users was already introduced in September 2021 (with the launch of iOS 15...
Best practices, Dobre praktyki, Transactional Emails
mBank was the first bank in our country to declare war on cybercriminals’ activities and implement sender authentication in the most popular mailboxes used by their customers. These solutions...
Sociotechnic, or in other words social engineering, is any action that influences another individual in order to persuade him to take certain actions, which may not be in his...
Best practices, Converion Rate, Dobre praktyki
Promotional emails usually contain a significant amount of information – we are talking here not only about the content, but also graphics presenting the products covered by the promotion,...
Ignoring the mistakes made in previous years and failing to learn the right lessons are the main ‘sins’ of marketers preparing campaigns for Black Friday – a day considered...
Vercom S.A. public company, to which the EmailLabs project belongs, has successfully completed the ISO 27001 Surveillance Audit and ISO 27018 Certification. Both audits confirm that organization’s information security...
We’re launching our CyberLabs series on the latest news from the cybersecurity world. Based on practical examples, our pentester will give tips on how to prepare for potential threats...
Antispam, Best practices, BIMI
The AuthIndicators Working Group (BIMI Group) recently announced that Apple systems such as iOS 16, iPadOS 16, and macOS Ventura will support BIMI starting this fall. Thus, the infographic showing...
Email marketing communication needs to be properly handled to be effective. Apart from technical matters, building positive subscriber engagement with email communication is very crucial. Nowadays, consumers feel overwhelmed...
An ESP (Email Service Provider) is a software-based service for email distribution, often based on its servers, optimized for high (mass) traffic. Many of them enable integration with CRM...
Best practices, Deliverability
What is email deliverability? While talking to eCommerce store owners, marketing specialists, or reading various reports on email communication, you may often get the impression that the main criteria...
Vercom, to which EmailLabs belongs, is a European company, fully compliant with the provisions of GDPR and based solely on its own servers located in CEE. We provide our...
With the emergence of the Covid-19 pandemic, many brands have been challenged to adapt in a short period to the changed reality and new consumer attitudes. That meant reorganizing...
How to avoid having my messages stopped by the spam filter? Your customers’ inbox certainly has protection set up to prevent unwanted emails. However, to pass their validation, you...
Converion Rate, Dobre praktyki, Open Rate
For many years, one of the most frequently monitored metrics of the effectiveness of email campaigns has been the open rate, i.e. the ratio of messages opened to messages...
Email security is an essential element that every company needs to ensure during the era of evolving cybercrime. Attacks by hackers on business entities very often target precisely email...
