Performant

Information
Security
Management
System

Performant

Information
Security
Management
System

ISO 27001 compliant processes

During our successful ISO 27001 certification in August 2020, many processes could be supported with ecos’ own products. The entire ecos concept is geared towards electronically supporting internal processes, managing equipment, and securing access to rooms and buildings.

ecoselectronically controlled organization systems

The following is a list of the various standards that can be easily met via ecos products:

Organisation of information security

A 6.2.1 Mobile Device Policy

Your sensitive business information can be protected with our electronic locker system. Visitors must hand in their mobile devices or USB sticks in an assigned compartment before entering your company’s premises. This protects you from information theft through unauthorized photos or via USB. In addition, information security is increased by making it impossible to introduce malware. This measure can additionally be required for employees without sufficient security clearance.

Asset management

A 8.1.1 Inventorization of assets

Both in electronic key cabinet and in electronic locker system, you can use RFID labels and ID recognition to identify their values beyond doubt and log their whereabouts. Even stored items can be recognized and counted in a compartment system with weight recognition.

At any time you can have an overview of your values and can take an inventory list with classification in webman2.

Inventorisation of assets

A 8.2.3 Handling of assets

In our webman2 software, you can implement the defined access restrictions per classification level via person or group authorizations. In addition, you can easily check afterward via an overview which recipient has been assigned which values.

Handling of assets

A 8.3.1 Handling of data carriers

All types of data media, such as backups, hard drives, or USB sticks can be stored in our ecos drawer and ecos depots in a controlled manner. Access to highly sensitive information can also be controlled via multifactor/user authentication.

Physical, environmental security

A 11.1.2 Physical access control

Access to the defined security perimeters required in A 11.1.2 can be ensured and controlled via our terminals. In the process, login and logout of both authorized persons and visitors are logged and controlled. Visitors must provide their email addresses for identification and follow your company’s sign-in process. This may include signing a confidentiality agreement, watching a security video, receiving a visitor badge, or handing over their personal belongings.

A 11.1.3 Securing offices, rooms, and facilities

Room keys can be managed in our electronic key cabinet and thus each removal and return can be logged with the associated person. Due to the special protection requirements of archive and server rooms, these keys can also be managed in separate small ecos drawer m/4.

Securing offices, rooms and facilities

A 11.1.5 Working in security areas

The requirement that employees are only informed of the existence of a security area when necessary is also covered by the ecos products. On the system, users can only view what has been released for them according to the “need to know” principle.

Working in security areas

A 11.1.6 Delivery and loading areas

The simple monitoring and protection of access points such as delivery and loading areas can be carried out via our compact terminals. These only allow access to identified and authorized persons.

Delivery and loading areas

A 11.2.1 Placement and protection of equipment and resources

Our electronic key cabinet and electronic locker system help protect equipment and resources by preventing unauthorized access and reducing the risk of potential threats such as theft or vandalism.

Placement and protection of equipment and resources

Do you need support in implementing your ISO 27001 certification? We are happy to help you!

Support with ISO 27001 certification

"*" indicates required fields

Kontaktdaten*
Data protection*