Information Security & Compliance
At D7Networks, information security is at the heart of everything we do. As a communication infrastructure provider, we recognize our responsibility to protect customer data, ensure service integrity, and maintain trust. Our security program is designed in line with globally recognized standards and is continuously reviewed for effectiveness.
ISO 27001:2022 Certified
We are proud to be ISO/IEC 27001:2022 certified, demonstrating our commitment to maintaining a robust Information Security Management System (ISMS). This certification validates our practices across:
- Data security & encryption
- Access control and user management
- Business continuity and disaster recovery
- Risk assessment and mitigation
- Vendor and asset management
A copy of our ISO certificate is available upon request via [email protected]
Security & Compliance Audit Summary
We conduct regular audits and drills to ensure the resilience and maturity of our systems:
| Activity | Last Conducted | Next Scheduled |
|---|---|---|
| Internal ISMS Audit | 14 February 2025 | Q3 2025 |
| VAPT (Vulnerability Assessment & PenTest) | Q4 2024 | Q2 2025 |
| Access Rights Review | Q1 2025 | Quarterly |
| Backup & Restore Testing | Q1 2025 | Q2 2025 |
| Incident Response Drill | Q4 2024 | Q3 2025 |
| Log Review & SIEM Audit | Q1 2025 | Monthly |
| Firewall & Network Configuration Review | Q1 2025 | Q3 2025 |
| Endpoint Security Audit | Q4 2024 | Q2 2025 |
| Patch Management Review | Q1 2025 | Monthly |
| Third-Party Vendor Risk Assessment | Q1 2025 | Annually |
| Data Classification & Protection Review | Q1 2025 | Q3 2025 |
| Mobile Device Policy Compliance Check | Q4 2024 | Semi-annually |
Additional Highlights
- All critical data is encrypted at rest and in transit using industry-standard protocols.
- Role-based access controls (RBAC) and MFA are enforced for internal systems.
- Regular employee security awareness training and phishing simulations.
- We maintain a dedicated Information Security Team reachable at [email protected] for any inquiries, disclosures, or security-related concerns.