The Raritan Blog

Who Should Care About ISO 27001?

Posted on July 1, 2024 by Gento

Whenever data center operators or other companies that employ mission-critical services purchase a product to go in their data centers, there’s a tick-in-the-box exercise to confirm that the product conforms to various international standards and certifications. For example, our Raritan PX4 Rack PDUs have been tested and conform to FCC Part 15 Class A, UL and cULs, IEC 62368, CE, UKCA as standard certifications. (Additional certifications are available). 

That’s great, but to be honest, most people don’t particularly care very much about standards compliance. They need to verify that the product they’re buying has been certified, to be sure, but the bar is fairly low and, most products meet the requisite standards. 

So why are we announcing our recent achievement of ISO/IEC 27001:2013 certification for our Data, Power & Control division (DPC)? 

To put it simply, it’s an entirely different certification…and it should matter to every single customer. 

Whether or not, all of us live in a world of threats. Bad actors penetrate organization after organization, stealing confidential information, gaining control over mission-critical systems, and even locking down entire organizations unless a ransom gets paid. Malware, hacking, phishing, ransomware and the like threaten all of us -- and the global cost of a data breach today, according to IBM, exceeds $4.5 million

Today’s organizations must spend money, time, and effort reducing the chances that their IT infrastructure can be hacked. They’re in an arms race with bad actors, and every day, there’s a chance of a crippling attack that could turn into a disaster. To make matters worse, data centers are more complex, and involve more technologies from more vendors than ever before. Imagine what could happen if an obscure but network-connected third-party component, like a PDU, turned out to be compromised in some way…and was used as the backdoor for an attack.  

Legrand takes this possibility seriously. We know that you need to stay safe and secure. That’s why we have implemented 114 process controls in our engineering group to gain proof of official ISO 27001 compliance from one of the world’s leading certification bodies, Bureau Veritas — a globally accredited specialist in testing, inspection and certification services, who just issued Legrand’s certification upon completing a formal audit process. 

But what is ISO 27001? ISO/IEC 27001:2013 is an information security standard published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards, and the International Electrotechnical Commission (IEC).  

Why does ISO 27001 matter? ISO 27001 certification demonstrates that Legrand manages security risks in our operations and processes -- to ensure that our products don’t introduce additional risk to your data centers. With ISO 27001 compliance, you have an added level of trust in our hardware and software, by validating that Legrand’s processes: 

Reduce the Risk of Security Breaches: ISO 27001 compliance indicates that we have a documented Information Security Management System (ISMS). This translates to a focus on identifying and mitigating security vulnerabilities in our products and development processes. This can minimize the risk of malicious code or security flaws ending up in your PDU, or any other component from Legrand. 

Increase Trust Through Secure Development: Legrand adheres to best practices for secure development. We have measures in place to control access to sensitive information and development tools, reducing the chance of unauthorized modifications or vulnerabilities introduced during the creation of your PDU. 

Support Your Security Regulations: Many industries have data security regulations. By using ISO 27001-compliant equipment, you demonstrate a commitment to data security, which can help you comply with relevant regulations. 

Overall, choosing Legrand, an ISO 27001-compliant manufacturer for your data center equipment adds a layer of security assurance. It shows that we have a proactive approach to information security, potentially reducing risks and giving you peace of mind. And the certification covers the protection and security of the software and firmware developed by Legrand for connected devices, embedded systems, and IT systems in the DPC R&D centers in Somerset, NJ, Reno, NV, Canonsburg, PA and Zwickau, Germany, including the brands Raritan®, Server Technology®, and Starline®.  

Gaining ISO 27001 certification is consistent with our approach to raising the bar on our operational excellence. Legrand already adheres to NIST and ISO standards (including ISO 9001 and ISO 14001) as well as incorporating additional vulnerability and penetration testing for our network-connectable products. 

As a global supplier to some of the most secure data centers in the world, we take security seriously, and we’re proud of putting in years of effort to meet international standards that reduce your risks. We’re here to keep you safe. To learn more about Legrand’s commitment to ISO certification, visit our certification page

Other Blog Posts

The cascade effect of data center failure on businesses - why sensors are essential
Posted on November 5, 2023
The Rapid Growth of AI and the Use of Raritan PDUs to Meet Higher Power Demands
Posted on October 11, 2023
Data Center Report Fewer Outages, But Downtime Still Costly
Posted on September 20, 2023
Survey: Energy Usage and Staffing Shortages Challenge Data Centers
Posted on September 20, 2023
Raritan Secure Switch: Secure NIAP 4.0 Compliant Desktop KVM
Posted on September 20, 2023

View all Blog Posts

Subscribe

Upcoming Events

New Zealand Cloud & Datacenter Convention 2022
3 November 2022, 9am – 4pm  •  Grand Millennium Hotel, Auckland, New Zealand
Data Centre World Singapore
12th – 13th Oct 2022
Korea Cloud & Datacenter Convention 2022
6th Oct 2022
Philippines Cloud & Datacenter Convention 2022
4th Aug 2022
JANOG50 Meeting Hokkaido
3th – 15th July 2022

View all Events

Latest News

Legrand Certifications and Process Controls Provide Confidence in Information Security for Network-Connected Devices in Data-Related Applications
Posted on July 1, 2024
Legrand Revitalizes Data Center Sector with Two Revolutionary Intelligent Rack PDUs
Posted on May 1, 2023
Exclusive interview丨How does Huizhou upgrade its manufacturing industry?
Posted on December 2, 2021
Raritan Reveals The MasterConsole® Digital Dual KVM Switch
Posted on February 18, 2021
Legrand Data, Power and Control Division Announced as Finalist in Six Categories at DCS Awards 2020
Posted on November 9, 2020

View all news