UBench confirms data security with ISO certificate

UBench International provides a cloud platform that brings all automotive sector players under a single roof: from leasing companies, rental companies and used car sellers to insurers, breakdown services and repairers. If a lease car user has an accident, for example, the entire administrative processing takes place via the UBench International platform: the declaration to the lease company, the intervention by the insurer, the appointment of a repairer, and so on. With its digital ecosystem, this company from Turnhout is today’s market leader in our country. UBench International also operates in many other European countries.

Brigitte Van Gerven, project manager, UBench International

“Data security is essential for us,” says project manager Brigitte Van Gerven. “We handle a lot of confidential data on our platform.” The volume of that data has, of course, grown hugely since launching UBench International in 2003. “This calls for a systematic, holistic approach in order to maintain an overview. Especially if, like us, you are also seeking to constantly improve data security.” An attitude that is increasingly viewed as a basic principle in the market. “Many tenders set strict requirements for data security.”

Objective vetting

In this context, certification offers a practical way to objectively demonstrate an organization’s data security level. An internationally recognized certificate for data security is ISO 27001. “This is a framework of requirements that a data security system needs to meet,” says Bart Tollebeek, data security consultant at Proximus. “Put simply: the organization examines step by step where possible risks are located. Once the security risks are assessed, proportionate measures are implemented.”

An organization that passes the audit, carried out by an accredited auditor, may use the ISO 27001 certificate for three years. “During that period, an annual check takes place,” Bart explains. “The certificate is based on the principle of continuous improvement.”

Techniques, technologies and threats are constantly changing. This makes it imperative that an organization also constantly adapts its data security system to these changing circumstances.

Brigitte Van Gerven, project manager at UBench International

Commitment

“We were making big efforts in the field of data security,” says Brigitte, “but there was certainly room for improvement at the organizational level and in terms of documentation.” Lacking the necessary ISO expertise in-house, UBench International turned to Proximus. “Companies understand the importance of data security,” says Christel Verbeeck, Security Governance expert at Proximus. “The parties that work with UBench International, like insurers, want to be sure their customers’ confidential data on the platform is in good hands.”

In this case Proximus acted as a trusted advisor, guiding UBench International through the initial ISO process. Above all, meeting the requirements of ISO 27001 keeps an organization focused. “We see that companies very often comply with the spirit of the law, but less with the letter,” says Bart. “The ISO certificate obliges them to also keep their documentation in order and to specifically assign all roles and responsibilities. It’s no casual exercise. It calls for commitment, also from management.”

Warranty

UBench International views its experience with ISO certification in the same way. “For us, ISO 27001 is the starting-point of a journey that is never completely finished,” says Brigitte. “Together with Proximus, we are now also working towards additional certification.”

Specifically, ISO 27017 for cloud service providers, ISO 9001 for quality, ISO 27701 for privacy and ISO 22301 for business continuity. “The goal is to manage everything in a single integrated management system. It’s a way to strengthen our position in the market, with the certificates documenting the efforts we make to keep our expertise at the required level.”