09 June 2013

ISO 27001 in the Secure Data Destruction Industry

Junk mail inspired activity again.   Over the past months I have attended a number of information security events and have had my business details recorded thereat.

This morning, a circular email arrives from the company who I judge to be my biggest potential competitor offering tours of their impressive new headquarters and data destruction processing facility.

I am on the phone like a shot.  It takes about 3 calls without response but I am then booked in for the following week.  A one to one with the sales director, Geoff.

On the day, I have some trouble finding the facility – there’s no sign outside.  I am given two hours of one to one treatment including a personal tour of their destruction facility and a slide presentation with lots of interesting information about their business.

I am sure I am asking too many questions but pIuck up the courage ask for copies of the slides to be emailed.  I am told this will happen.  There is a serious opportunity for partnership here.

Apparently, these guys are one of only two in business of their kind in the country that have ISO 27001.  “Give me a little time and there’ll be three I think to myself.”  Interesting too that they have gone for ISO 27001 and not BS 8470.  I didn’t really register this difference at first as  I had assumed that BS 8470 was the standard.

The Managing Director told me some amazing statistic that I can’t remember exactly.  But it was something like that during 2007, over 2,000 business had set-up in recycling but only 5 of those had set-up in IT Security.  “My strategy is right I thought”.

Based on an account recorded in my diary

Leave a Reply