Genetec Achieves Stringent Certifications through Commitment to Cybersecurity and Privacy
Company announces ISO 27001, 20017 standards, obtains UL 2900-2-3 level 3 cybersecurity certification, and SOC2 Type 2 audit
Genetec Inc. has achieved a number of certifications underscoring its unwavering commitment to ensuring the cybersecurity of its solutions and the ISMS (information security-management systems) that govern them.
Genetec has maintained ISO 27001 certification for the sixth consecutive year and exemplifies its commitment to cybersecurity by also implementing ISO 27017 standards.
With ISO 27001 and 27017 certifications, Genetec customers can be confident they are working with an organization that has put stringent controls in place to manage sensitive data and mitigate cyber threats. This includes use of the company’s cloud solutions including Autovu CloudrunnerTM, Security Center SaaS edition, Genetec Stratocast™, Genetec Clearance™ , Genetec ClearID™ , SynergisTM, Access Control as a service, and Genetec Curb Sense™.
Developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), ISO/IEC 27017 builds on the principles of the ISO 27001 standard, which provides a checklist of controls for a company’s establishment, operation and maintenance of an information security management system.
ISO 27017 focuses on the protection of the information in cloud services with a focus on major control areas including asset management, access control, physical security, and compliance. With ISO 27017, an organization’s system and processes are subject to stringent security and privacy standards.
Genetec has also received the UL 2900-2-3 level 3-cybersecurity certification for the fourth year in a row. The company remains the only VMS vendor in the world to have achieved this certification. The UL Cybersecurity Assurance Program (UL CAP) is a robust certification program that evaluates the security of network-connectable products and vendor processes. The UL 2900-2- level 3 standard, for which the Genetec Security Center Omnicast™ VMS is certified, is specifically designed for life safety and physical security systems. It includes a series of checks including fuzz testing, code and binary analysis, vulnerability assessment, penetration testing, and risk management methodology validation.
Genetec has also passed the SOC 2 Type 2 audit to include its entire portfolio of cloud products and ISMS that govern them. This signifies that internal controls at Genetec, built on best industry practices, are aligned with SOC 2 Type 2 criteria and requirements.
Defined by the American Institute of Certified Public Accountants (AICPA), this report offers prospective Genetec customers and partners’ peace of mind, as it is a stamp of approval that the company is compliant with best practices in data protection and has all the appropriate safeguards and procedures in place to control who can access sensitive data. The SOC 2 Type 2 audit conducted by third parties covers five key areas: security, availability, processing integrity, confidentiality, and privacy. Genetec has also obtained the SOC 3 report which can be consulted here.
“Certification with ISO and UL standards, and SOC 2 Type 2 audits are essential elements of our comprehensive approach to cyber resilience. Customers can be sure we have the right policies and procedures in place to manage sensitive data when they use our cloud solutions or hybrid deployments,” said Mathieu Chevalier, principal security architect, Genetec Inc.