XREF ACHIEVES ISO 27001 GLOBAL STANDARD ON DATA SECURITY
- ISO 27001 further validates platform security, data privacy and accessibility
- World-leading certification obtained only by organisations with the highest security standards
- Supports Xref’s strategy to be a global leader in secure information management
- Extends Xref’s total addressable market to include enterprises requiring suppliers to be ISO 27001 certified
Xref Limited (ASX:XF1), the human resources technology company, today announced it has obtained ISO 27001 certification and released details of a range of new security features that have been incorporated into its market-leading platform.
Following two rigorous years of development and compliance, Xref is delighted to have secured ISO 27001 certification. The certification process included an independent audit of the Company, to confirm that it operates within the requirements of the standard. Obtaining it demonstrates best practice for an information security management system and validates the Company's platform security.
Xref’s clients, candidates and referees demand data security, privacy and accessibility in line with increasing and evolving security expectations, and compliance with regulations, such as the European Union’s General Data Protection Regulation (GDPR), Australia’s Privacy Act and Canada’s Personal Information and Electronic Documents Act (PIPEDA). The Company’s ability to meet and exceed these requirements is a powerful differentiator.
The Xref candidate referencing platform was created to prevent fraud, discrimination and privacy breaches by automating a time-consuming manual process with an online solution. Ongoing investment and platform development has enabled the Company to meet the highest security and data protection standards, meaning the data of its clients, as well as thousands of candidates and referees, remains safe. This certification supports Xref’s strategy to be a global leader in candidate information management.
New updates further strengthen Xref’s security features
While every organisation is now prioritising data security, more than 50% of Xref clients are enterprises that operate under extended security policies and require their technology suppliers to offer the measures that align with those requirements. Following the release of the latest security updates, Xref’s platform now includes:
Two-factor authentication (2FA): this extended verification approach is becoming commonplace in enterprise workplaces, clients now have the opportunity to add 2FA to their Xref account to verify the identity of every user attempting to access it.
- Extended user management
- Advanced password and security policy alignment
- Data sharing and tracking
While the Xref process is typically managed and driven by HR and recruitment professionals, clients also often want to share final reference reports with relevant line managers. Xref has introduced measures to enable this, securely, by creating rules that allow reports to be sent only to those defined as appropriate by account administrators, and automatically updating the log file when a line manager opens a report.
- Location-based access restrictions
- Regionalised data storage
- Extended security log function
Investor and media enquiries:
Ashley Rambukwella, FCR
Tel: +61 (0)2 8264 1004 / +61 (0)407 231 282
“Xref’s platform has been built for highly scalable, global enterprises that demand extensive security capabilities. Our technology enables clients to control account data and manage access effectively, meeting stringent security audit processes. We are investing in our platform and remain confident about maintaining the highest levels of security around the world.”
Executive director / CEO Lee-Martin Seymour
“We designed Xref to comply with data privacy needs from the outset and we hold ourselves to a very high standard. Our control over critical information assets helps provide confidence for our clients that their data is protected. ISO 27001 certification is awarded only to those that meet the highest global standard for information security. Obtaining this certification puts us in a much stronger position to sell to large enterprise clients with advanced security requirements. With today’s heightened scrutiny of privacy and data breaches, we have demonstrated that we are at the forefront of the market and prioritising security."
Executive director / CTO Tim Griffiths
“ISO 27001 certification demonstrates the benefits of strategic decisions taken more than two years ago. Xref has always sought to meet best practice and now has the highest quality systems and procedures in place to meet security challenges. This ensures longevity for Xref’s market leadership.”
Chairman Brad Rosser