Ahead of the game with ISO 27001
Colosseum Online Inc.’s Cloud offering is built on enterprise hardware and software and offers simple management, a stable environment, and a better way of providing Cloud Services, with peace of mind backed up by professional organizational standards. Mr. Jean Crescenzi, Chief Technical Officer, comments, “The ISO 27001 fits perfectly with our Cloud and what we are doing.” Cloud computing is a rapidly evolving technology trend and Colosseum aims to stay ahead of the competition, not only in technology, not only in the software they use, but also in procedures and their protocols, and the manageability of the growth of the company.
Established in 1994, Colosseum Online Inc. is a solutions provider. By facilitating customer’s ideas or offering the technical know-how and assistance, Colosseum builds sound infrastructures for their customers, improving their Internet position. Colosseum provides the service, the hardware and the ability to get on the Internet for what becomes, essentially, a metered service. Their customers side step large start up costs of up to $20,000 by instead using Colosseum’s data centres and the Cloud to achieve an online presence. Colosseum’s service offering gives their customers the flexibility and scalability of their infrastructure, enabling them to start small and grow their business accordingly.
Colosseum is the only Red Hat Certified Cloud provider Partner in Canada, and one of a few globally.
Maintaining a leading market position, Colosseum receives a lot of exposure and attention. As a result, Colosseum required the robust framework of ISO 27001 Information and Data Security Management standard as an answer to the interest created, regarding what they were doing and the direction they were going in.
Despite no longer being certified to ISO 9001 since the mid 2000’s, Colosseum continues to follow ISO processes, documentation, policies and procedures. IMSM’s Auditor initially found that Colosseum already had a lot of what was needed for ISO 27001 already in place.
Jean Crescenzi explains, “We already had certain elements in place such as the bulletproof glass, the biometrics, signing in and out procedures. We used to allow visitors to sign themselves in. They would scribble their names, which were often illegible! Now we have a procedure in place whereby a member of staff fills out the visitor log. We didn’t have to change very much; we just had to improve what we were doing. We had to add to it as well because some of what is in ISO 27001 is not part of the ISO 9001.”
“ISO 27001 proves and seeks to protect the business from itself. So, if there is massive growth, which we are going to experience, there is a pre-existing structure for provisioning, and policies to mandate for self-scrutiny and how to grow and be prepared for such a growth.” Colosseum has been working diligently to ensure that the ISO 27001 is properly in place. Mr. Crescenzi advocates that ISO encourages the improvement of all aspects of the business. Colosseum is looking at, not only the security, but also how to grow the company, and how to keep the security policies in place. Mr. Crescenzi explains, “This is what we are looking at providing our customers – the comfort level – that we can achieve those goals without stumbling. The data is secure, and our policies allow us to have, not only contingency plans, but also the structure to expand the business.”
ISO offers the rigidity of self-auditing. Colosseum runs internal audits regularly, from this they can identify policies and procedures that need to be amended and address them accordingly. “We see the ISO as increasing consumer confidence. And that we can do the job well.”
“Our ISO journey was pleasant, it opened our eyes. It provides the simplest ideas to improve our overall effectiveness.” Mr. Crescenzi continues, “It has given confidence to our customers and prospects, that we have policies and protocols in place. It is easier to encourage our entire staff to get on board with the procedures as they make sense, are easy to follow and we can all agree on them.”
On working with IMSM, Mr. Crescenzi comments, “IMSM are great people, starting with our Regional Manager, who had an uphill battle at first as we were comparing ISO with other industry standards. Because we are focused on an international client base, ISO was the clear path to follow. ISO gives us an international offering. From the initial call from IMSM to the last IMSM Auditor meeting, it was a pleasant experience because we all worked together and understood the goal we were aiming for. We never once felt that we should have bought something else, or something extra. It worked well for us and we never regretted the decision we made.”
Looking to the future with ISO 27001, Colosseum is aiming high and hopes to become the largest enterprise Cloud provider in the World.