Unicon Achieves ISO / IEC 27001 : 2013 Certification

Education Technology and Digital Services Firm Meets Stringent Certification Requirements

Gilbert, AZ – July 7, 2020— Unicon, Inc., a leading technology consulting firm focused solely on the education ecosystem, announced today that it has achieved ISO 27001:2013 certification across its professional services, cloud services, and company operations. ISO 27001 is an international standard for information management security published in 2013 by the International Organization for Standardization. It ensures the confidentiality, integrity, and availability of in-scope systems and data, and provides a framework for an internal information security management system. To achieve certification, a company must demonstrate the implementation of 114 controls that provide a framework for identifying, treating, and managing information security risks.

"We are excited to have achieved ISO 27001:2013 certification across our professional services, cloud services, and company operations,” said Marquess Lewis, Chief Technology Officer, Unicon. "The certification process gives us confidence that our security program and security operations are well-positioned to continue to protect our customers' information and systems. Our customers rely on us to deliver services securely, especially when sensitive student information is involved. With continuous and ever-evolving security threats, maintaining a security program with continuous assessment and improvement is essential and achieving ISO 27001:2013 certification is an important external validation of our security program. It gives our customers and their users confidence that we have strong safeguards in place."

ISO standards are recognized throughout many different industries all around the world. An ISO 27001:2013 certification helps ensure ongoing compliance with stringent security standards and a commitment to risk mitigation and improvement. The standard revolves around a risk assessment-based approach to security: Once risks are identified in an initial assessment, controls are selected and implemented to mitigate them.