Organizations across the globe seek for a certification to guarantee their 'best in class' services. Catering to this organizational need is the information security management system (ISMS) standard ISO/IEC 27001 (where ISO stands for International Organization for Standardization and IEC stands for International Electrotechnical Commission). This certification is critical for business orientated reasons.

The ISO/IEC 27001 certification formally defines a 'system' which brings the entire information security of a company under an explicit management control. Moreover, it mandates specific requirements for organizations which claim to have adopted the same. Consequently, any organization adopting the standards specified in ISO/IEC 27001 can be formally audited only after which it can be certified fully compliant.

The advent of this standardization in the hosting industry

The year 2003 witnessed two noteworthy tenders in the hosting infrastructure. These specifically pointed out ISO 27001 (or IS 17799) as an obligatory contractual requirement. That is why major Data Centers in India have made it a point to achieve the ISO 27001 certificate. So it is clear that if a Data Centre is ready to provide offshore hosting services, it has to achieve the ISO 27001:2005 certification.

Previously, the 27001 certification used to be an opportunity for companies to flaunt their certification because very few actually obtained this recognition in their relevant fields. On attaining the standardization, businesses would publicize the same through press releases because they were a step ahead of their competitors.

At present, security has become a prime concern for clients seeking online data storage through Data Center services. Even if these enterprises have their own organizational information security control in place, it appears to be disorganized and disjointed because core aspects of IT, data security and non-IT information assets are not fully covered. That is why businesses look for a systematic examination of the organization's information security risks.

While price may or may not be a primary concern for such businesses, data safety sure is. Therefore, data centers acquire this certification to cater to all client specific needs; moreover it has become a market norm because competition is on the rise across the Data Center market.