Upperlink, Nigeria’s leading software development and e-payment firm, has achieved the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) certifications.
The chief executive officer of the company, Mr Segun Akano in a statement explained that e-payment applications and software development in recognition of its management system which complies with ISO/IEC 27001:2013 (ISMS) are part of the scope of activities covered by the certificate.
He added that the organisation’s documentation and implementation has been reviewed by the ISO/IEC body and found to comply with the relevant standard rules. “Upperlink believes that adhering to the high standards of information security is a requirement in the e-payments market.
“We have invested substantially in that responsibility, an effort that has now resulted in our company becoming ISO/IEC 27001:2013 (ISMS) certified, receiving accreditation for our e- payment applications and software development processes,” Akano explained.
The emphasis placed on data security has steadily risen as awareness and legal protections have grown in response to damaging data breaches in the past. An industry with a conservative posture on security, electronic payment has continued to demand more from the ecosystem.
“By adopting this international standard, Uppelink has demonstrated its intention to meet the needs and expectations of our enterprise clients for whom data security is a foundational expectation,” Akano noted.
ISO 27001 is recognized as the global standard for information security with over 100 requirements governing the creation and management of a robust ISMS.
These requirements span physical protection, software development practices and systems architecture, and far-ranging operational processes including risk management and business continuity.
Akano said Upperlink’s certification would ensure that its clients can rely on its systems and business practices to protect the confidentiality and integrity of the data under its control.
He listed some of the implemented controls by the company to include security-by-design, product development, data encryption, vulnerability management, business continuity and disaster recovery plans.
“We have made this commitment over a year ago because we believe that information security is a prerequisite to serving e-payments customers and it represents the dominant risk to the emerging market, our business, and our customers,” Akano added.
He said the company prepared and achieved this certification to convince itself that its operations are appropriately secure. “But we know that our clients care deeply about these issues. We also know that this is a non-negotiable consideration when you are operating in a regulated market like e-payment,” he said.