Vercom S.A. public company, to which the EmailLabs project belongs, has successfully completed the ISO 27001 Surveillance Audit and ISO 27018 Certification. Both audits confirm that organization’s information security management system aligns with the most recent information security best practices and apply the international standard for protecting personal data in the cloud.
The scope examined by the auditor is creation and development of CPaaS solutions that enhance customer communications management, including email, SMS and PUSH. The Statement of applicability dated 05.08.2022 applies. The certification process of the information security management system was carried out by LLC-(Certification) Czech Republic a.s, Prague.
Vercom implements the information security policies, procedures and guidelines specified in ISO/IEC 27001 and ISO/IEC 27018. One of the most important is the formal procedures we have implemented for granting access to data. In our daily work, we follow the principle that only authorized employees have access to data. It’s the principle of least privilege that we always have in mind, minimizing the necessary and legitimate access, which is always restricted due to employee’s job function. For each access, an identifiable person or automated process is responsible.
We have a business continuity plan with relevant sections on incident and crisis management, resilience, backups and disaster recovery procedures. The BCP plan is undergoing annual testing. This year, the subject of these tests was data restoration process during which we refined and approved the latest version of the backup management procedure, that complies with ISO 27018.
Vercom conducts a risk assessment at least once a year to identify, evaluate and prevent information security issues. This year, the organization’s risks included data management processes in cloud computing. EmailLabs’ services were identified as compliant with the public cloud requirements, and its various elements were described – with reference to the PFSA’s cloud announcement by a law firm. A risk management plan was defined and approved.
At Vercom, we have a formal process for managing change, involving IT changes in particular. More than a year ago, we have also introduced a vulnerability management procedure with regular updates to ensure continuous system integrity and timely mitigation of emerging security threats. The organization requires strict data separation of production from development or test environments. We implement periodic penetration tests both within the organization as well as performed by third-party companies.
Vercom continuously raises user awareness and implements appropriate audits and policies for virus detection and prevention, as well as for data recovery. Apart from annual GDPR and ISO training, we conduct employee workshops run by our pentester and security engineer on the most recent risks of personal data. This year, we introduced additional cybersecurity training sessions delivered on a weekly basis to raise employees’ awareness on cyber threats. The organization is subject to regular internal and external audits to improve its practices.
Gmail has announced significant changes in the requirements for email senders to maintain a good reputation and proper classification of messages in user inboxes starting from February 1, 2024....
Vercom S.A. public joint-stock company to which the EmailLabs project belongs, has been assessed and certified to be compliant with the ISO/IEC 27001 and ISO/IEC 27018 standards. The Vercoms’...
The increasing number of phishing attacks each year, and the projection that this trend will continue to escalate, aren’t likely to astonish anyone. This can be attributed, in part,...
Out of all the things that can go wrong when sending out marketing emails, having your emails end up in the recipient’s spam folder is arguably the most dreaded...
Email Authentication, Security
DMARC is an email authentication protocol that is designed to give domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. Spoofing occurs...
With the emergence of the Covid-19 pandemic, many brands have been challenged to adapt in a short period to the changed reality and new consumer attitudes. That meant reorganizing...
Have you ever sent an email in haste and immediately wished you hadn’t? It happens more often than we’d like to admit. If you ever find yourself in this...
One safe and easy way to keep track of your digital interactions is to save emails as PDFs. However, do you know the best ways to easily turn your emails into PDF files? In this article, we’ll look into the different ways you can do to turn your emails into accessible PDF files. Let’s start! Key Takeaways To save emails...
Sending large files online can sometimes feel like maneuvering through a maze with unexpected twists and turns. The frustration of hitting attachment size limits or dealing with slow uploads...
Have you ever sent an email in haste and immediately wished you hadn’t? It happens more often than we’d like to admit. If you ever find yourself in this...
One safe and easy way to keep track of your digital interactions is to save emails as PDFs. However, do you know the best ways to easily turn your emails into PDF files? In this article, we’ll look into the different ways you can do to turn your emails into accessible PDF files. Let’s start! Key Takeaways To save emails...
Sending large files online can sometimes feel like maneuvering through a maze with unexpected twists and turns. The frustration of hitting attachment size limits or dealing with slow uploads...
Are you a bit baffled by email protocols like IMAP, POP3, and SMTP? Have no fear – this article is here to explain it all. If you have ever...
In 2024, global providers like Gmail and Yahoo have implemented a series of changes, primarily targeting bulk senders. These changes, already in effect, are part of a continuous update...
In the face of dynamic technological advancements and increasingly sophisticated cyber threats, ensuring network security has become crucial. Dozen security incidents present a challenge that we cannot afford to...
Google and Yahoo's Requirements
2024 marks a turning point in the fast-paced world of email deliverability, as this is the year when Google and Yahoo updated their sender requirements. With the enforcement period...
Best practices, Email Marketing
B2B email marketing – it’s a term you’ve likely heard before, but what does it really entail? And, more importantly, how can it be done effectively? In this article,...
Deliverability, Sending Reputation
Email sender reputation is one of the most important factors that can determine whether your emails reach the intended recipient or not. So, what is the email sender reputation,...