Compliance & Certifications
Sleepless are ISO 27001:2013 & ISO 27018 Compliant
ISO 27001
Our mission has always been to deliver the highest level of cloud service to our customers, as such, Sleepless are committed to adhering to the highest level of compliance in our industry. It is our belief that the best way to manage our facilities and operations is through a rigorous approach to information security management. It is this belief that has seen Sleepless awarded ISO 27001 certification. The scope of Sleepless’ ISO 27001:2013 certificate covers all cloud services offered by Sleepless.
ISO 27001 Information Security and Data Protection is a certification for a business that proves they adhere to the strictest standards of data security. It is only awarded to companies that prove they have the required safeguards in place to protect not only their own but their customer’s data against potential threats. In order to achieve this award, businesses must have integrated a robust information security management system that ensures the highest level of safety, service and product reliability is delivered to the end customer.
Information Security Policy
Physical and electronic information owned by Sleepless Server Solutions or its Clients are critical assets. Sleepless are committed to safeguarding the confidentiality, integrity and availability of all information for which it is responsible for.
Sleepless ensures this through the implementation, maintenance and certification of an information security management system in line with the ISO 27001 standard. As part of this, Sleepless
- are committed to the development and maintenance of the appropriate policies, procedures and guidelines to effect a high standard of information security, reflecting industry best practice.
- monitor, record and log all appropriate activity within its cloud-based solutions.
- are committed to compliance with both regulatory and customer requirements.
- have established measurable objectives and key performance indicators to ensure continued monitoring and improvement of the ISMS.
First Irish cloud provider to incorporate the ISO 27018
ISO 27018
Sleepless was the first Irish cloud provider to incorporate the ISO/IEC 27018 code of practice. As part of the certification process, the auditors have validated in their statement of applicability that all of Sleepless’ in-scope cloud services have incorporated ISO/IEC 27018 controls for the protection of PII in the public cloud.
- Customers of Sleepless cloud services know where their data is stored.
- Customer data won’t be used for marketing or advertising without explicit consent.
- Sleepless customers know what’s happening with PII.
- Sleepless will comply only with legally binding requests for disclosure of customer data.
Supplier Security Policy
Sleepless attaches particular importance to the security of its own, its employees’ and its customers’ data. It is therefore vital that existing and potential new suppliers to Sleepless have appropriate security controls to ensure the confidentiality, integrity and appropriate availability of such data is not compromised and these controls are in maintained in accordance with Sleepless security policies.
The reference standard for Sleepless security policies is ISO27001 and the suppliers shall comply with the principles of that standard at all times.
At a minimum; Suppliers agree to:
- Maintain the confidentiality of any information shared with the supplier by Sleepless
- Not to distribute any information to a third party without prior expressed permission from a senior member of management in Sleepless
- Allow Sleepless, when deemed necessary, to audit their facilities, systems and processes specific to services provided to Sleepless
- Ensure that their employees are aware of the nature of the supplier relationship with Sleepless and ensure that they are in compliance with the information security requirements at all times
Sleepless Datacentre Security & Compliance
Sleepless operate from datacentres based in Dublin and London. These datacentres adhere to:
- Security & Compliance
- BS 25999-2
- ISO14001
- ISO22301
- ISO27001
- ISO50001
- ISO9001
- OHAS 18001
- PCI – DSS
- Dublin
– ✓ ✓ ✓ ✓ ✓ ✓ ✓
- London
✓ ✓ – ✓ – ✓ ✓ ✓
All of our data centres are audited and operated to the EU Code of Conduct’s best practices for data centres.
To find out more about the security measures Sleepless have in place please contact us.
ISO 27001 & 27018 Certified
Microsoft Gold Partner
