SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
BlackLine achieves ISO/IEC 27017:2015 security compliance
Wed, 19th May 2021
FYI, this story is more than a year old

Cloud-based financial services firm BlackLine is now officially compliant with the ISO/IEC 27017:2015 certification, after achieving the internationally recognised standard for cloud security.

The certification provides assurance to customers and partners that BlackLine follows information security standards in cloud services, supported by policies that enforce data security and privacy.

The ISO/IEC 27017:2015 standard is jointly published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is one of many standards published by the two organisations that promote best practice recommendations on information security management, risk mitigation and improved control environments within an information security management system.

According to BlackLine CEO Marc Huffman, it is now more important than ever to provide secure and private cloud services More customers are now working in a fully distributed environment due to the pandemic.

“Achieving ISO/IEC 27017 certification reaffirms our longstanding commitment to comply with information security protocols to ensure security and privacy across our full gamut of cloud services – both those we utilise to run our systems internally, as well as those we provide to customers.

The company explains further, ISO/IEC 27017 expands on the ISO/IEC 27000 series of standards, providing guidelines for information security controls applicable to and specific to the secure provisioning and use of cloud services.

“Following a multi-audit certification process, the British Standards Institute (BSI), an accredited certifying body of ISO/IEC 27000 standards, determined that BlackLine's ISMS conforms to the requirements for ISO/IEC 27017:2015 certification.

BlackLine achieved the ISO/IEC 27001 in 2013, and also completed a SOC 2 (System and Organization Controls) Type 2 examination and 3rd-party audit.

BlackLine chief security officer Max Solonski says, “It's more critical now than ever for organisations to proactively secure their internal IT environments, as well as outward, customer-facing systems, and effectively comply with regulations and standards such as ISO/IEC 27017.

“Keeping our clients' confidential information safe is our number one priority. This 3rd-party assessment and certification from BSI is a testament to the work we've done to make this happen and to the fact that we've built a secure cloud environment all-around.

BlackLine provides solutions to manage and automate financial close, accounts receivable and intercompany accounting processes. The company provides services to nearly 3,500 customers worldwide. The company is based in Los Angeles and has offices in Sydney, Singapore, and London.

The company recently took out the top spot for financial close software in the Enterprise category on G2's list of the 'Best Finance Products of 2021'.