Working with complex enterprise customers across industries, we understand that data security, trust, and compliance are both a key consideration and a core driver of information technology initiatives.
In fact, our solutions are designed around the security requirements of the modern enterprise, putting customer data front and centre and ensuring robust security provision is built-in—regardless of the technology platforms or apps you’re using.
In this blog, we’ll explore how Adaptavist is strengthening its commitment to security and compliance—not only through the solutions we build and the apps we ship, but in the way we run our business operations, every day.
Our ISO compliance journey
We’ve spent the 18 months working towards meeting the criteria for ISO 27001 certification. While we didn’t have to fundamentally change any ways of working to meet the certification process, it did present a great opportunity to formalise our policies and processes around best security practice.
Our journey came to fruition in May when the British Standard Institute (BSI) performed its stringent ISO 27001 certification audit that concluded in a positive recommendation for certification.
From creating contracts for new customers to managing their business-critical technology, and hiring into our ScriptRunner product team, we’ve implemented 110 controls across our businesses to formalise a framework for how we do things. This ensures that across the board, our business systems are designed to run with minimal risk.
(Updated for 2024) Along our journey we have also picked up a different security standard: the SOC 2 Type 2 audit report, which demonstrates that we’re effectively protecting our organisational and customer data within our systems. You can visit The Adaptavist Group website to see more information about our security certifications.
Our ISO 27001 certificate
What this means for our customers
This certification cements our commitment to security and compliance and reaffirms to our customers that we’re a trusted partner.
For Adaptavist Managed Services customers, this means following best practices and working together to minimise security risks.
This news also means that we’re now one of a small number of partners on the Atlassian Marketplace that’s ISO certified.
“Our ISO 27001 certification offers strong evidence of our commitment to our customer’s data security,” says Jon Mort, CTO at Adaptavist.
“By measuring ourselves against well-defined industry standards, customers can rest assured that Adaptavist is striving for—and achieving—excellence in data security.
“We also hope this enhanced provision will make for smoother onboarding for new customers—especially the growing number with strict supplier requirements—and support our mission to be a highly-trusted partner.”
Centering security in the cloud
But this isn’t the only demonstration of our commitment to security—as more organisations move their essential business infrastructure to the cloud, we’ve been partnering with Atlassian to shape and develop its Cloud Fortification program.
The certification helps Atlassian customers identify cloud apps that have passed Atlassian's security, reliability and support requirements, so they can rest assured they’re getting the most trustworthy products on the marketplace.
The majority of our Atlassian apps now meet the program’s strict cloud security requirements and performance and reliability standards, adhere to stringent support SLAs, and participate in additional cloud security programs.
Our long-standing Bug Bounty Program, meanwhile, helps ensure our Atlassian app portfolio is robust and meets strict security standards by relying on a skilled research community to conduct vulnerability testing across all Server, DC, and Cloud apps. This continuous testing ensures that any security vulnerabilities are directed straight to our product teams to address as soon as possible.
In short, whether you use Adaptavist apps or rely on us as a consulting or infrastructure partner, you’re in safe hands.
