DeskTime is now ISO 27001 certified: What does it mean for our users?

What was your top goal in 2024? At DeskTime, our number one goal was all about leveling up customer data security. And we’re glad to say that at the tail end of 2024, we reached a major milestone when we earned the ISO 27001 and ISO 27701 certifications. 

This was a big deal for us, but an even bigger deal for our DeskTime users—these certifications mean that as of December 2024, DeskTime follows strict international standards for data and information security, making our users’ time tracking experience smoother, more secure and just better overall. 

With cyber threats lurking around every corner, taking a proactive approach to user security is more important than ever. The nonprofit Identity Theft Resource Center reports that the U.S. experienced a record-breaking 3,205 data breaches in 2023—a 78% increase from 2022. We want your time tracking experience to be reliable and safe. So, let’s talk about what these certifications mean and how they’ll impact DeskTime users. 

What are ISO 27001 and ISO 27701 certifications?

ISO 27001 and ISO 27701 are globally recognized standards for information security management systems, but they focus on different aspects. 

ISO 27001:2022 (Information Security Management System—ISMS) is a comprehensive security framework that implements, maintains, and continually improves an information security management system within an organization. The focus of ISO 27001 is on protecting all types of sensitive information, not just personal data.

ISO 27701 (Privacy Information Management System—PIMS) is an extension of ISO 27001 that specifically addresses the management of personal data. Its focus is on protecting personal data privacy rights and complying with privacy regulations like GDPR.

Certification under these standards is a significant achievement that demonstrates a strong commitment to managing information security risks and complying with international regulatory frameworks. Achieving ISO 27001 certification is a crucial step toward protecting an organization’s sensitive data and building trust with its customers.

What does that mean for DeskTime users? 

If you’re using our platform, there’s nothing you need to do—these certifications automatically apply to all aspects of how we operate. 

Achieving the ISO 27001 certification required a rigorous audit process to ensure that our security practices adhere to the highest global standards.

It’s also important to note that certification is an ongoing commitment, not a single achievement. We will undergo regular surveillance audits and consistently update our ISMS. This proactive approach enables us to adapt to emerging threats and maintain compliance over time.

But how does it impact our users? Here are a few advantages:

• Regulatory compliance: as a DeskTime user, you can rest easy knowing that your time tracking platform is in compliance with data protection and privacy regulations like GDPR and that your data is handled securely and responsibly.
• Improved data privacy: ISO 27701 specifically focuses on privacy information management. This means DeskTime has implemented strong controls to protect user privacy rights. 
• Risk mitigation: we have measures in place to protect your data from security incidents, data breaches, or vulnerabilities.

Keep in mind that turning on our Private Time feature can make the employee experience even better and protect their privacy. This feature allows employees to take a digital timeout from DeskTime and enjoy complete privacy on their work computer without DeskTime tracking their activities. 

Leveling up security with ISO 27001

In a nutshell, getting that ISO 27001 certification is a huge deal for us! It shows that we’re serious about protecting your data and that we’re committed to keeping your information safe. We believe that by meeting these high standards, we’re building a more secure and trustworthy environment for all our users.