xMatters is ISO22301 Certified! Here’s How We Did It
CategoriesSecurity & Risk Management
xMatters customers place an incredible amount of trust in us when we monitor and maintain their data and keep our services up and running, and in turn, we’re committed to the highest standards of data security and resiliency. One way we continually work to maintain our high standards is through ISO certifications, an achievement that reflects meeting an international standard of operational processes.
Recently, xMatters became ISO22301 certified, one of the most rigorous business continuity standards to date, and we passed every challenge. This is an ISO that all businesses in our space should have, but only xMatters does. This certification is a huge achievement for xMatters, which makes it an even better achievement for our customers, who now more than ever can be reassured that their operations are safe with us.
What is an ISO?
ISO stands for International Standards Organization, which is an independent, non-governmental international organization with a membership of 165 national standards bodies founded in 1946. Through its members, ISO develops voluntary, consensus-based market-relevant standards that provide solutions to global challenges. These standards are reviewed every five years to establish whether a revision is necessary for the marketplace.
ISO develops standards for almost every aspect of technology and manufacturing, with 23,838 international standards currently available. To achieve ISO certification in an area is a proof point to show that a business has gone through some of the most rigorous testings in an industry and met the appropriate standards.
What is ISO 22301?
ISO22301 is named “Security and resilience — Business continuity management systems”.
Within this ISO are specific requirements to “implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.” In essence, how protected is your business from disruptions, how prepared are you to respond to disruptions when they occur and are you working to consistently improve your management system to make yourself even safer.
How We Became ISO22301 Certified
We don’t mean to be that company, but we wouldn’t be painting a true picture if we didn’t say that xMatters uses xMatters to stay protected, and because we use xMatters, it made earning this achievement that much better.
There were three key points of this review process that were focused on:
- The resilience of our platform
- The availability of clients’ data
- The ongoing availability of our Technical Support Team
We had confidence going into this process that our business continuity processes are strong. Beyond the fact we use xMatters to keep ourselves protected, our team of expert xPerts works continually to ensure our processes are maintained. We go through routine annual assessments with many of our clients to ensure our processes match their requirements and continue to meet these guidelines.
The Resiliency of our Platform
The resiliency of our platform is an area of the ISO22301 audit we were confident in going into the process. xMatters has a well-documented and audited Business Continuity Plan (BCP) that goes through is continuously improved and withstands both semi-annual and annual reviews by internal and external boards. By investing time and resources in our infrastructure technology, staff skills, processes, and policies our BCP is both resilient and successful. Our teams also go through weekly exercises to ensure we can recover from threats in 30 minutes or less. You can learn more about the details of our business continuity and disaster recovery plans here.
Data availability is something we pride ourselves in—it’s a true xMatters differentiator. Data availability is related to a business’s ability to perform several backups, and here at xMatters, we perform backups hourly, daily, and weekly, as well as to a secondary Google Cloud Platform (GCP), which ensures client data is up to date and available at all times.
Most businesses have one data center, typically in the same geographic region that aligns with their operations. But xMatters has six, and by integrating our BCP with our data recovery plan, we remedy client access to data through geographically diverse data center pairs:
- Europe: London, UK, and Germany
- Asia-Pacific: Sydney, Australia, and Singapore
- North America: South Carolina, U.S.A., and Iowa, U.S.A.
Both data centers in a pair are always active and have identical processing capabilities, and each data center can support the combined production load of the pair.
So, if there was an attack on our data center, what would happen? In most circumstances, it’s unlikely that one database going down would have any sort of impact on our business, and in turn our customers. With several layers of backups in place, data is exceptionally safe.
xMatters Technical Support Team
We maintain high availability of our Technical Support team. The team is dispersed in different geographic areas and they support our clients 24x7x365. The team receives weekly training on how to respond to all types of incidents and annual test measures their capacity to respond to emergency notifications in less than 5 minutes!
Ultimately, we finished the ISO22301 audit a day early, and with zero findings. And, we officially became the first in our industry to hold this certification!
This is a great accomplishment that affirms our commitment to business continuity management systems and the protection of our customer’s data. Many team members were vital to ensuring the success of this audit, but specifically, Karen Meohas, Ken Klecker, Rish Goswami, Mark Henzi, Doru Davidson, Jared Curtis, Mario Guisado, and Kalen Wessel deserve the highest of praises.
As with everything xMatters does, our driving factor behind all decisions is ensuring customers have the best experience possible, from the usability of our platform to the security features that keep them safe. With ISO22301 we’ve recommitted to this belief, and are excited to see our customers continually benefit from the best service reliability platform on the market.