Skip to main content

Key management and
access control for ISO27001

ISO 27001 compliant processes

During our successful ISO 27001 certification in August 2020, many processes could be supported with ecos’ own products. The entire ecos concept is geared towards electronically supporting internal processes, managing equipment and securing access to rooms and buildings.

ecoselectronically controlled organisation systems

The following is a list of the various standards that can be easily met via ecos products:

Organisation of information security

A 6.2.1 Mobile Device Policy

Your sensitive business information can be protected with our lockers. Visitors must hand in their mobile devices or USB sticks in an assigned compartment before entering their premises. This protects you from information theft through unauthorised photos or via USB. In addition, information security is increased by making it impossible to introduce malware. This measure can additionally be required for employees without sufficient security clearance.

Asset management

A 8.1.1 Taking inventory of assets

Both in key cabinets and in electronic locker systems, you can use RFID labels and ID recognition to identify their values beyond doubt and log their whereabouts. Even stored items can be recognised and counted in a compartment system with weight recognition.

At any time you have an overview of your values and can take an inventory list with classification in webman2.

Inventory of assets

A 8.2.3 Handling of assets

In our webman2 software, you can implement the defined access restrictions per classification level via person or group authorisations. In addition, you can easily check afterwards via an overview which recipient has been assigned which values.

Handling of assets

A 8.3.1 Handling of data carriers

All types of data media, such as backups, hard drives or USB sticks can be stored in our ecos drawer and ecos depots in a controlled manner. Access to highly sensitive information can also be controlled via multifactor/user authentication.

Physical, environmental security

A 11.1.2 Physical access control

Access to the defined security perimeters required in A 11.1.2 can be ensured and controlled via our terminals. In the process, login and logout of both authorised persons and visitors are logged and controlled. Visitors must provide their email address for identification and follow your company’s sign-in process. This may include signing a confidentiality agreement, watching a security video, receiving a visitor badge or handing over their personal belongings.

A 11.1.3 Securing offices, rooms and facilities

Room keys can be managed in our key cabinets and thus each removal and return can be logged with the associated person. Due to the special protection requirements of archive and server rooms, these keys can also be managed in separate small ecos drawer m/4.

Securing offices, rooms and facilities

A 11.1.5 Working in security areas

The requirement that employees are only informed of the existence of a security area when necessary is also covered by the ecos products. On the system, users can only view what has been released for them according to the “need to know” principle.

Working in security areas

A 11.1.6 Delivery and loading areas

The simple monitoring and protection of access points such as delivery and loading areas can be carried out via our compact terminals. These only allow access to identified and authorised persons.

Delivery and loading areas

A 11.2.1 Placement and protection of equipment and resources

Our electronic key cabinets and lockers help protect equipment and resources by preventing unauthorised access and reducing the risk of potential threats such as theft or vandalism.

Placement and protection of equipment and resources

Do you need support in implementing your ISO 27001 certification? We are happy to help you!

Support with ISO 27001 certification

Get more information


Please prove you are human by selecting the star.