The payment solutions provider was awarded the certification after an extensive audit of the company’s internal operations looking closely into confidentiality, integrity and availability of corporate and personal data security systems in its operations.
“Achieving the coveted ISO/IEC 27001 certification is a huge accomplishment. We are extremely delighted to be awarded this certification following a rigorous audit undertaken by the assessment body. This certification affirms our commitment to the highest level of data security and marks one more step in our efforts to demonstrate the company’s transparency,” said David Morema, the Virtual Pay CEO.
He further noted that information security is key in the payments sector as this ensures confidentiality and protection of personal information thus protecting customers (both corporate and individuals) from cyber attacks and fraud. “Our priority is protecting the assets and data of our customers, partners and employees,” he added.
Morema is optimistic that the accreditation will help his company deliver a systematic and continuous management of information security risks, as it proves the completeness and rigor of security controls while providing clients with an additional level of assurance.”
“With the newly acquired status, we shall continue offering excellent services to our customers and aim to always exceed industry standards to safeguard customer,” he said.
ISO 27001 is a global standard for information security, published by the International Organization for Standardization (ISO) and the International Electro-technical Commission (IEC). Implemented and accepted worldwide, ISO 27001 is the gold standard certificate in IT security. This standard sets over 100 requirements that outline how to implement, monitor, maintain and continually improve an ISMS within the context of the organization and its business needs. These requirements are related to the physical security, product security, financial information, intellectual property, HR processes and management’s commitment to security.
The company says it will continue to ensure its products and processes meet or exceed the security standards and expectations of its customers, partners and employees and the broader industry. The scope of the ISO/IEC 27001:2013 certification covers the ISMS supporting Virtual Pay’s human resources, information technology, software development, leadership and customer support functions. The company says it will also enhance the implementation and maintenance of controls including data encryption, vulnerability management, business continuity, disaster recovery plans and much more.
In addition to this certification, Virtual Pay is also fully PCI DSS compliant.
Virtual Pay is a technology company that enables businesses to simply, securely and seamlessly receive cashless payments from their clients through cards and mobile money payments. Virtual Pay started off in Kenya in 2020 and has ventured into Uganda, Tanzania, Rwanda, Ghana, Nigeria, Seychelles and Mauritius markets. We are very proud to serve a global clientele. In terms of geographic footprint, we are predominantly based in Africa but our clientele spans across the world.