Security
Information Security & Compliance
We care about Information Security, therefore we work continuously to align our processes and services to the best practices and guidelines.
Our established process and roadmap.
Media.Monks has established a global Information Security Management System aligned with the ISO27001 standard, which is being certified in different offices around the globe. Below are our compliance achievements as well as the roadmap for improving our maturity level down the line.
Certification
ISO/IEC 27001:2013
Our global Information Security Management System has been certified under the ISO27001 standard. This certification means that Media.Monks has implemented and maintains a rigorous security program in accordance with the ISO/IEC 27001:2013 standard, has a systematic approach to managing sensitive information and has implemented controls to protect it against unauthorized access, misuse, disclosure, or destruction. This certification provides assurance to our customers, stakeholders, and partners that we have implemented adequate measures to protect their information.
ISO 27001 covers controls in 14 sections: information security policies, organization of information security, human resource security, asset management, access control, cryptography, physical and environmental security, operations security, communications security, system acquisition, development and maintenance, supplier relationships, information security incident management, and information security aspects of business continuity management.
Certification
TISAX
We are committed to the automotive industry information security standards with the TISAX (Trusted Information Security Assessment Exchange) certification allowing us to process sensitive information from your customers as it follows.
The TISAX assessment covers a wide range of information security topics, including access control, data protection, incident management, business continuity, and physical security. The TISAX certification provides a standardized and recognized approach to information security assessment in the automotive industry, which helps to improve the overall security posture of companies working in this sector. It also facilitates the exchange of sensitive information between companies by providing a trusted platform for sharing data.
Certification
UK Cyber Security Essentials
Media.Monks UK offices are certified under the UK Cyber Essentials scheme, a set of guidelines developed by the UK Government to help businesses and organizations protect themselves from common cyber threats. The guidelines are based on five key principles: secure your Internet connection, secure your devices and software, control access to your data and services, protect yourself from viruses and other malware, keep your devices and software up to date.
Assessment
CyberGRX Tier 2
Media.Monks has completed the CyberGRX assessment which has been independently validated by Deloitte and KPMG. Access to the assessment report can be requested here. You can also use CyberGRX’s Framework Mapper feature which will allow you to map our assessment to commonly used industry frameworks and standards to instantly gain visibility into controls coverage.
Report
SOC2 Type I
We have acquired the SOC2 Type I report for our Data and Digital Media services in the US in November 2022. This is an attestation report that provides information on the controls that a service organization has implemented to protect the security, availability, processing integrity, confidentiality, and privacy of its customers' data at a specific point in time. The report is based on an independent audit performed by a third-party auditor, BDO, using the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria (TSC).
Report
SOC2 Type II
We have acquired the SOC2 Type II report for our Data and Digital Media services in the US in 2023. This is an attestation report that provides information on the controls that a service organization has implemented to protect the security, availability, processing integrity, confidentiality, and privacy of its customers' data during a period of time. The report is based on an independent audit performed by a third-party auditor, BDO, using the American Institute of Certified Public Accountants (AICPA) Trust Services Criteria (TSC).
Security Controls
We’ve set up safeguards to avoid and minimize any security risks. These protections cover four main areas: organizational security, internal security, infrastructure security, and data protection. Learn more about these controls in detail.
The Media.Monks Information Security Team shall be reached out for any security related matter or question through security@mediamonks.com