Nexo, a leading digital assets company, has recently achieved a significant milestone in securing client data and privacy by obtaining ISO 27017 and ISO 27018 certifications. These certifications, building on Nexo’s existing compliance with ISO 27001, mark a significant enhancement in their security and privacy protocols, especially relevant in the increasingly cloud-reliant crypto ecosystem.
ISO 27017 and 27018 are standards specifically tailored for cloud computing environments. ISO 27017 focuses on extending the information security controls from ISO 27001 to cloud services, ensuring a robust security framework. ISO 27018, on the other hand, provides stringent privacy guidelines for the management of personally identifiable information in the cloud. Together, these certifications not only reinforce Nexo’s commitment to data protection but also highlight its dedication to maintaining the highest standards of user data security and privacy.
Milan Velev, the Chief Security Officer at Nexo, commented on this achievement, stating, “Nexo’s integration of ISO standards for information security and privacy signifies a major step forward in our journey to set new benchmarks in digital finance. We are not just complying with international standards; we lead by example, prioritizing our client’s security and privacy in every aspect of our operations.”
This recognition comes from the global certification body RINA, which granted these prestigious designations following an independent audit. The achievement builds on Nexo’s track record of adhering to stringent security protocols and maintaining transparency in the digital asset sector. Earlier audits have found Nexo compliant with SOC 2 Type 2 requirements, a critical standard for financial services firms, and the company also holds a CSA STAR Level 1 Certification.
For Nexo, the pursuit of robust security is an ongoing priority, reflecting its ambition to set industry standards. This commitment to security and privacy comes amidst Nexo’s ongoing legal challenges. The company is currently seeking $3 billion in damages from Bulgaria following an aborted criminal investigation. Nexo AG, a Swiss unit of the Cayman Islands-based Nexo Capital, alleges that the investigation damaged its reputation and destroyed shareholder value, hindering its plans for a U.S. stock market listing and a soccer sponsorship deal.
Nexo’s recent achievements in security and privacy certifications, alongside its legal pursuits, underscore the company’s resolve to not only protect its clients’ data but also to maintain its standing as a trustworthy and secure player in the dynamic digital finance landscape.