Uppelink Gets ISO/IEC Certifications for e-Payment Applications
A software development and e-payment firm, Upperlink, has been awarded the International Organization for Standardisation (ISO) and International Electrotechnical Commission (IEC) certification in recognition of its management system which complies with ISO/IEC 27001:2013 (ISMS).
The Chief Executive Officer of Upper link, Mr. Segun Akano, in a statement confirmed the accreditation and explained that ‘e-payment applications and software development’ are part of the scope of activities covered by the certificate.
According to him, the organisation’s documentation and implementation had been reviewed by the ISO/IEC body and found to comply with the relevant standard rules.
Akano said: “Upperlink believes that adhering to the high standards of information security is a requirement in the e-payments market. We have invested substantially in that responsibility, an effort that has now resulted in our company becoming ISO/IEC 27001:2013 (ISMS) certified, receiving accreditation for our e- payment applications and software development processes.”
The emphasis placed on data security has steadily risen as awareness and legal protections have grown in response to damaging data breaches in the past.
“By adopting this international standard, Upperlink has demonstrated its intention to meet the needs and expectations of our enterprise clients for whom data security is a foundational expectation,” Akano further noted.
ISO 27001 is recognised as the global standard for information security with over 100 requirements governing the creation and management of a robust ISMS.
These requirements span physical protection, software development practices and systems architecture, and far-ranging operational processes including risk management and business continuity.
Akano said Upperlink’s certification would ensure that its clients can rely on its systems and business practices to protect the confidentiality and integrity of the data under its control.
He listed some of the implemented controls by the company to include security-by-design, product development, data encryption, vulnerability management, business continuity and disaster recovery plans.
“We have made this commitment over a year ago because we believe that information security is a prerequisite to serving e-payments customers and it represents the dominant risk to the emerging market, our business, and our customers,” Akano added.
He said the company prepared and achieved the certification to convince itself that its operations are appropriately secure. “But we know that our clients care deeply about these issues. We also know that this is a non-negotiable consideration when you are operating in a regulated market like e-payment,” he said.