Introduction Securify was founded in 2013 by people with a passion for preventive security and it has steadily grown from a start-up to a serious business. Since 2021, Securify is majority-owned by Solvinity, adding value to Solvinity’s managed IT services in addition to servicing its own customers independently. At its core, Securify remains a group of technical experts working to improve preventive security in a variety of industries.
This information security policy gives structure and guidance to everyone at Securify to ensure the security of Securify’s information and that of its customers and partners.
Management A CISO is appointed and is responsible for the management of the information security policy.
Scope This policy applies to all information, (external) employees, resources and processes of Securify Group B.V.
Validity and evaluation The CISO is responsible for this policy. This policy is valid for three years and is reviewed at least once a year in the context of:
Based on the annual assessment, changing laws and regulations or due to other circumstances, this policy can be adjusted in the interim.
Goal The objective of this information security policy is to provide documentation that, when followed, leads to a state of control of the confidentiality, integrity, and availability of Securify’s own data and the (confidential) data it receives from clients. This means that Securify prevents or detects potential security incidents by establishing an Information Security Management System (ISMS) and meet laws and regulations.
The information security policy is partially published online: the overall document is publicly available and the in-depth strategic, tactical and operational documentation is internal-only. This is done as a measure of transparency that contributes to the trust that others place in Securify. Internally, this document will give structure to and provide a set of guidelines for dealing with information and systems that process information, about the physical security of our building and guarding our business continuity.
“This information security policy gives structure and guidance to everyone at Securify to ensure the security of Securify’s information and that of its customers and partners.”
Ultimately this policy and its accompanying strategic, tactical and operational documentation ensure that all employees of Securify handle information in the same manner thereby applying the same controls and ensuring Securify keeps it and its clients’ information safe.
How to achieve this? This is achieved by starting at the top and taking responsibility for Security, establishing goals and setting up a governance framework. This CISO is responsible for creating, implementing an ISMS and guiding Securify to a verifiable state of being in control. This is verified by an independent external party on a yearly basis, resulting in maintaining our ISO 27001 certification. For Securify this is only the beginning of being in control of security. Besides the CISO role we believe in wisdom of the crowd and will involve our organization to participate in the creation and maintenance of our security.
Information security principles The following information security principles have been established for the relevant domains. Everyone in the company should know about and comply with these principles.
ISMS & Information Security Policy
“Securify has set up its security on the basis of the ISO 27001 standard.”