Gandi awarded ISO 27001 security management certification

Paris, May 30th, 2024 –  Gandi.net, the French specialist in domain name registration, web hosting, e-mail solutions and SSL certificates, has just been awarded ISO 27001 certification, the international reference standard for information security management. This award demonstrates the company’s constant effort to ensure the protection of its customers’ sensitive data through a rigorous management system.

« This ISO 27001 certification marks Gandi’s lasting commitment to applying best practices in information security», says Benjamin Baxter, Gandi’s IT Risk Analyst. « We will continue to invest considerable effort to protect the data entrusted to us as effectively as possible, and provide our customers with the highest levels of guarantee in this area. »

According to the International Organization of Standardization, ISO 27001 promotes a holistic approach to information security: vetting people, policies and technology. An information security management system implemented according to this standard is a tool for risk management, cyber-resilience and operational excellence.

« ISO 27001 certification of our information security management system was of key importance to us.» explains Arnaud Franquinet, Gandi’s CEO. « The users of our services, both individuals and organizations, must be able to have absolute confidence in our ability to protect them against any risk to their data. It was therefore imperative for us to commit to continuous monitoring and improvement of our data security practices. ISO 27001 certification validates these efforts, which have been underway for several years, and reflects our ambition to help companies manage their domain name portfolios and protect their brands with the highest levels of security. ISO certification is a valuable addition to our global security services offering, notably our DNS premium product and our security+ pack.»

Gandi’s plan to complete this milestone was initiated in 2021. The company has set up a dedicated team to implement and manage this information security management system (ISMS).  This team works closely with Gandi’s various departments, drawing on their expertise in modern Internet infrastructure. This work enables us to identify the main risks that Gandi’s assets face and to develop appropriate responses.

The certification process involved raising awareness to all teams about information security issues, and overhauling a number of internal processes. From now on, internal and external security audits will be carried out on an annual basis, to detect any weaknesses and ensure the ongoing development of existing practices and organization.

about Gandi.net

Gandi is a French company which, since 2000, has been offering domain names, web hosting, email services and SSL certificates, with the ultimate goal of providing everyone with a secure, independent digital identity.   Since 2012, Gandi has also been supporting large businesses as a strategic partner for domain management, domain protection, trademarks and online presence. Thanks to its dedicated offer, teams and Gandi Corporate Services.

This success is the result of 20 years of continuous investment and a quality of service focused on customer needs, with a strong emphasis on word-of-mouth. Today, this SME with 130 employees on 3 continents manages more than 2.5 million domain names for large companies and retail, while operating its own infrastructure from data centres located in France and Luxembourg. Its DNS quality and resolution are among the best in the industry. Its day-to-day work is based on strong values of quality, reliability and security, with a commitment from the outset to respect personal data.