New York, NY (January 21, 2021) – Epstein Becker Green (“EBG”) is pleased to announce that the International Organization for Standardization (“ISO”) named EBG as one of the first law firms to achieve ISO/IEC 27017:2015 certification, a strict code of practice governing the safe and effective operation of cloud services. EBG also retained the ISO/IEC 27001:2013 certification for our Information Security Management System (ISMS) for the fourth year in a row. This means that the firm’s certification portfolio includes the highest accreditations available for Information Protection and Cloud Security.
“Our information and security systems were once again subjected to rigorous audits and we are proud to have achieved full accreditation, certifying our ability to safely guard and maintain the confidentiality of client data in our care,” said Robert Guilbert, EBG’s Chief Information Officer. “This accomplishment demonstrates our investment in and dedication to information security, as well as our priority to protect our clients’ sensitive information. We continue to look for new and innovative ways to increase our security posture and protect against cybercrime – adding ISO 27017 takes our information security to the next level, one that few organizations or law firms have reached.”
How EBG’s ISO/IEC 27001:2013 and ISO/IEC 27017:2015 Certifications Benefit Clients
At EBG, protecting the confidentiality and integrity of client data is of paramount importance, and this achievement highlights the firm’s commitment to information security at every level. EBG’s ongoing efforts to comply with the ISO standards, along with the required verifications by an independent third-party auditor, demonstrate that the firm’s information security management system is comprehensive, state of the art, and follows international best practices. In order to best serve our clients, we strive to provide our clients with clarity and assurance regarding the extent and strength of the firm’s information security program. In turn, our priority to protect client data continues to provide us with insight into how to help our clients strengthen their own data security policies and procedures and minimize their risks. In addition, undergoing the arduous process of obtaining and maintaining ISO 27001 certification, as well as adding ISO 27017, continues to make EBG attorneys and staff more sensitive and aware of their collective responsibility to safeguard our clients’ and the firm’s sensitive information.
How EBG Maintained Its ISO/IEC 27001:2013 Certification and Acquired the ISO/IEC 27017:2015 Certification
In order to uphold the ISO certification standards and follow security best practices, EBG must continually review and work to improve the firm’s security posture. To ensure that the firm meets these ongoing obligations, our information security systems underwent an annual audit by an independent third-party auditor. This audit is meant to verify that our information security practices and procedures are updated and in line with the rapidly changing technology landscape. The firm uses BSI as its certification body (“CB”) organization.
About Epstein Becker Green
Epstein Becker & Green, P.C., is a national law firm with a primary focus on health care and life sciences; employment, labor, and workforce management; and litigation and business disputes. Founded in 1973 as an industry-focused firm, Epstein Becker Green has decades of experience serving clients in health care, financial services, retail, hospitality, and technology, among other industries, representing entities from startups to Fortune 100 companies. Operating in locations throughout the United States and supporting domestic and multinational clients, the firm’s attorneys are committed to uncompromising client service and legal excellence. For more information, visit www.ebglaw.com.