DataKrypto achieves ISO 27001 certification for data security

DataKrypto has announced its successful attainment of the ISO/IEC 27001:2022 certification, underscoring its dedication to maintaining high standards of data protection and privacy.

The ISO 27001 certification is an internationally accepted benchmark that outlines the requirements for an effective information security management system (ISMS). This certification complements DataKrypto's FIPS 140-2 accreditation, which the company secured in the first quarter of 2024. It validates the company's commitment to safeguarding sensitive information and managing information security risks for its clients. The certification pertains to DataKrypto's FHEnom and FHEnom for Images Software Development Kit (SDK).

Ravi Srivatsav, Chief Executive Officer of DataKrypto, said, "Protecting customer data is not just a feature—it's a fundamental requirement for software development. Our highly performant FHE solutions empower software companies to safeguard their customers' sensitive data during computation, allowing applications to process encrypted information without decrypting it."

He noted, "This cutting-edge capability enables development teams to build secure-by-design products that prioritise customer data protection without compromising innovation or performance. Our ISO 27001 certification further underscores our commitment to helping software vendors meet the highest security standards in their development practices and customer data handling."

The certification was granted following a thorough audit by an independent, accredited certification body, which involved a comprehensive evaluation of DataKrypto's policies, procedures, and controls related to data protection. This achievement enhances DataKrypto's credibility as a trusted partner for organisations pursuing advanced data protection solutions.

The certification highlights several key benefits of DataKrypto's SDK:

First, it offers enhanced security assurance, as customers can be assured that DataKrypto adheres to globally recognised information security practices, thereby minimising the risks of data breaches, vulnerabilities, or backdoors in the SDK.

Secondly, it ensures better code integrity and confidentiality. ISO 27001 mandates secure software development practices, providing customers with confidence that the SDK is developed and tested securely, has controlled access to prevent insider threats, and is safeguarded against tampering or unauthorised modifications.

Thirdly, the certification underscores DataKrypto as a reliable vendor with ongoing risk management. ISO 27001 is an ongoing commitment rather than a one-time certification, requiring continuous risk assessments and security enhancements. Customers benefit from a provider that actively identifies and mitigates emerging threats.

Lastly, it increases trust and ensures business continuity. Customers who rely on the SDK for critical operations such as authentication, encryption, and AI/ML processing can be confident that the vendor has implemented business continuity and incident response measures, guaranteeing dependable long-term support.