Information Security at Tecman

In a world where cyberthreat is all too common, information security is critical.

We’re proud to be ISO 27001:2022 certified. As the most recent iteration of one of the most respected information security standards in the world, the ISO 27001:2022 framework helps determine whether an organisation’s information security management system keeps sensitive data and systems secure.

We are audited by a UKAS accredited provider, so our policies and processes have been checked with a fine-tooth comb. And we still passed our 2025 audit with flying colours.

You can find out more about ISO 27001 below
business people with shield

How are we keeping information and data safe?

At Tecman, information security isn’t a simple, tick-box activity to keep us compliant for compliance’s sake. We take every precaution possible to ensure the smooth running and very survival of business, for our customers and for us.

As a Microsoft Dynamics 365 Business Central & CRM partner, we understand that business systems are the backbone of almost any organisation. That’s why high-quality information security has always been the top priority – and we’re proud to say that our latest £30,000 investment has taken us to a whole new level.

When it comes to infosec, transparency is key, so here’s a breakdown of some of the systems and processes we’re using to keep our information secure.

Vanta Trust Center and compliance automation

trust centre on screen

We’ve invested in trust management platform, Vanta. This software continuously monitors our systems to give us a constant view into our information security health and compliance.

Meanwhile, our Trust Center allows people to request access to resources relevant to our handling of information and data, including our ISO certificate and pen testing documentation.

It also lists our internal procedures, and controls surrounding infrastructure, organisational security, product security and data and privacy, complete with live status to evidence whether things are ticking along as they should.

There’s an FAQ section on the Trust Center, as well, talking all things infosec. This is a resource that we can update as and when we’re asked relevant questions that we think would be useful to give visibility of, along with our answers.

Visit the Tecman Trust Center
Microsoft Cloud Platform

As a Microsoft Partner, it makes sense for us to place our own trust in Microsoft products – but we do it with good reason.

Microsoft is renowned for taking a security-first approach. We invest heavily in their cloud platform, Microsoft Azure, which is essentially the backbone of all Microsoft products. It helps us run virtual machines, databases, AI tools and more, securely and at scale.

Native antivirus, Microsoft Defender, strengthens the Azure platform even further, with intelligent threat detection and security controls that are built into hardware and firmware. Plus, it’s all supported by a large team of cybersecurity experts working 24/7, 365 days a year.

We also use Microsoft Intune, an endpoint management solution. Intune allows us to properly enforce security policies, safely roll out applications and protect data on both company-owned and bring your own (BYOD) devices.

climbing to the cloud
Image

1Password and two-factor authentication

We keep internal and customer accounts as secure as possible by using a tool called 1Password. By using 1Password, we make sure accounts are only accessible to those with authorisation.

With zero-knowledge architecture, the passwords themselves aren’t actually visible, even to those with authorisation. This means there’s no risk of them being scribbled down on a Post-it Note or passed around in an email chain.

Of course, we’ve got two-factor authentication and single sign-on in place, as well, all in the name of keeping Tecman and customer systems and information safe and secure.

Image

BeyondTrust (formerly known as Bomgar)

BeyondTrust gives us the tools we need to minimise risk while accessing and supporting remote systems and devices.

This trusted remote support software gives Tecman’s helpdesk and customer support teams the ability to securely access and fix any remote device, from computers and mobile devices to hardware and peripherals.

With BeyondTrust, we can safely connect to customer environments with full session auditing and credential injection, which helps us deliver compliant support without exposing sensitive login details.

What is ISO 27001 certification?

The International Standard for Organisation (ISO) is a global organisation that sets organisational standards all around the world.

ISO 27001 is the global standard the ISO has set for keeping information secure. Essentially, it’s a framework that lays out how to set up, run and improve an Information Security Management System (ISMS).

The ISO 27001 framework exists to protect three aspects of information: confidentiality, integrity and availability. This means that organisations must make sure:

  • Only authorised people can access information
  • Only authorised people can change information
  • Information is accessible to authorised people as and when needed

With ISO 27001 certification under our belts, we’re demonstrating our commitment to safeguarding your data, keeping things confidential and reducing security risks. It’s proof that we’re always working to stay on top of our game when it comes to protecting information – both our customers’ and our own.

 

ISO 27001 logo

Team Tecman is 100% committed to information security

But don’t just take our word for it... Head over to our Trust Center today, where you can find an even more comprehensive breakdown of how we keep information secure.

Visit the Tecman Trust Center

Publish modules to the "off-canvas" position.