Nexo, the leading digital assets institution, announced on Tuesday, December 30th, that it has bagged the prestigious ISO 27017 and ISO 27018 certifications, building upon the foundation of its existing ISO 27001 standards.
In a press release shared with Cryptowisser, Nexo said these accolades, granted by RINA – a multinational inspection, certification, and engineering consulting company, known for its rigorous standards – represent a comprehensive commitment to securing client data, enhancing cloud security, and ensuring privacy in the digital age.
The certificates come at a time when robust security measures have become very important in the cryptocurrency space. Last year, although the cryptocurrency sector witnessed a 50% decrease in losses due to security incidents, the tally still came in at $1.7 billion. This figure underscores the critical importance of security standards, like those upheld by Nexo.
The Synergy of ISO 27001, ISO 27017, and ISO 27018
Nexo added ISO 27017 and ISO 27018 to its cabinet after it was recognized for its robust Information Security Management Systems (ISMS) under ISO 27001 in 2019.
- ISO 27001: This foundational certification showcases Nexo’s security-focused approach to safeguarding sensitive information, highlighting the sustained excellence and robustness of its top-tier ISMS.
- ISO 27017: Extends the security principles of ISO 27001 to the cloud environment, which is increasingly and universally used in the crypto ecosystem. Nexo addresses this and fosters a collaborative environment with cloud service providers, ensuring utmost protection against cloud computing threats.
- ISO 27018: As the first privacy-specific international standard, ISO 27018 fortifies Nexo’s commitment to protecting personally identifiable information (PII) in the cloud. It emphasizes the principles of explicit consent, data minimization, and stringent third-party management.
Commenting on this latest development, Nexo's Chief Security Officer, Milan Velev, said:
"Nexo's integration of ISO standards for information security and privacy signifies a major step forward in our journey to set new benchmarks in digital finance. We are not just complying with international standards; we are leading by example, prioritizing our clients' security and privacy in every aspect of our operations."
"We are pleased to certify Nexo with the ISO 27017 and ISO 27018 standards. This partnership underlines RINA's commitment to promoting advanced security measures and data protection in the innovative financial technology sector," Kalin Panev, Country Manager of RINA, added.
The ISO 27017 and ISO 27018 certifications build upon Nexo's focus and commitment to the highest standards in security and privacy, including the successful completion of the SOC 2 Type 2 audit and the attainment of the CSA Security, Trust & Assurance Registry (STAR) Level 1 Certification.
Nexo is a leading digital assets institution. The company’s mission is to maximize the value and utility of digital assets by offering a comprehensive suite of products that include advanced trading solutions for retail and institutional clients, aggregation of liquidity from leading venues, and tax-efficient asset-backed credit lines.
Meanwhile, RINA is a leading certification and engineering company in Italy that provides a wide range of services across the Energy, Marine, Certification, Infrastructure & Mobility, Real Estate and Industry sectors.