May 21 2015

S8080’s information security standard ISO/IEC 27001


Early last year, after completing yet another information security questionnaire as part of a public sector website tender, we made the decision to add ISO/IEC 27001 certification to our suite of ‘ISO’s’.

We currently hold 9001 for quality management, 14001 for environmental management and 18001 for occupational health and safety management. These combine into what is called an Integrated Management System and every year we are audited over a period of several days to make sure we comply with each of these strict international standards.

27001 is the best-known standard for providing a detailed set of bullet-proof requirements for an information security management system (ISMS).

During our day-to-day activities, developing websites for our clients and performing our general ‘running a busy business’ duties, we interact with a variety of information assets, with various degrees of confidentiality. Our 27001 ISMS helps us manage these information assets providing assurance of its confidentiality, integrity and availability.

As we have been working with high profile public sector clients for about 15 years, it turned out we had most of what we needed for 27001 already in place. We just needed to spend time formalising all of the policies and procedure to satisfy the audit team.

We passed with flying colours and received our certificate last month.

Why is this important?

We’ve gone to great lengths to ensure confidential things stay confidential.

Everything from the secure coding standards we work to, how our network infrastructure is designed and monitored, our hosting and our disaster recovery plans, through to how our team use mobile devices for their S8080 email accounts has been considered, risk-assessed and hardened.

It’s all a bit James Bond, but it means our clients have one less thing to worry about.

Apr 14 2009

New Google Mail Mobile Interface

Google have updated their mobile Google Mail interface to use cutting-edge HTML5 and CSS3 features available to WebKit-based browsers and the upcoming Firefox 3.5.
The new interface provides new functionality such as offline access – you can load Gmail in your browser even if you go offline, then reply to e-mails, etc, and it’ll all be synced back to the ‘cloud’ when you’re next online. The new Gmail also uses the <canvas> HTML element (a region of a web page defined in HTML code, which can then be drawn on with JavaScript) to draw various graphic – thus preventing the need to download images – as well as CSS animations and transformations to make the interface more dynamic. Clever stuff.

It’s amazing that this kind of stuff is leading the way is on mobile devices, where the most popular browsers (Safari on the iPhone, and the Android browser on Android-based phones) are generally more capable and advanced than the current versions of the most popular desktop browsers.

For more information, see:

Jan 22 2009

A designers oath

  • To teach design to the sons and daughters of my teachers and to continue learning.
  • To practice design to the best of my ability for my clients.
  • Never to do deliberate harm to or annoy the audience for anyone else’s interest.
  • To communicate messages worthy of the audience’s attention.
  • To keep the good of the audience as the highest priority.

Via Thinking for a Living

The creators of this oath wanted a concise declaration, so obviously a lot of stuff has been left unsaid.

A few I would add… the first from the IWA code of ethics

  • To protect the intellectual property of others by relying on our own innovation and efforts, thus ensuring that all benefits vest with its originator.

The second is inspired by NO!SPEC (against free pitching)…

  • To never devalue my profession and peers by producing speculative work.

And finally, from the AGDA code of ethics

  • To work in a manner so that as little harm (direct or indirect) as possible is caused to the natural environment.

Thanks for reading.