Press release

Press release February 23, 2015

Enfo granted an information security certificate

Enfo’s information security management system and Enfo’s Data Center services in Kuopio and Karlskrona data centres were granted an ISO 27001 information security certificate. The certificate shows that Enfo takes information security risks seriously and continuously develops its information security to be ready for evolving threats.

Contact Us

COFFEE OR TEA? Drop by for a cup.
EXPLORE what we know and do
EXPLORE what we know and do


Competence areas

– Information security is extremely important for our customers and our reliability is based on how we realise information security. The certificate provides transparency on the level of our data security. Now we can present an independent reviewer’s statement proving that our standard of information security is high and that our organisation follows specific instructions and regulations, says Enfo’s Chief Security Officer Pekka Hagström.

During the certification process we carried out extensive risk analyses for Kuopio and Karlskrona data centres. The analyses covered risks from the data centres to recruiting employees and the operations of contractors. The risk analysis included the analysis of threats related to access control, physical security, network security and operational management, and the probabilities of these threats. Based on the analysis, Enfo invested in ensuring the continuous operation of the data centres and made clarifications in the procedures for exceptional situations.

– An important part of information security management is to create a systematic model for continuous development and ensure that communication works within the organisation. During the audit, we developed more systematic ways for identifying potential threats. We have also developed more efficient procedures for addressing information security risks at different levels of the organisation, Pekka Hagström says.

The newly adopted continuous development model means regular security audits, recurring risk analyses, continuous risk monitoring, etc. As part of the process, we pay more attention to the ever-changing security environment as well as the development of instructions and regulations.

– Now we can give clear reasons why our information security is carefully managed. I believe that the certificate will give us better chance to succeed in both private and public sector bidding competitions. The procedures developed during the audit also help the management of the organisation to stay up to date on possible threats. This helps us ensure that we address potential threats in time and with necessary gravity, says Enfo’s CEO Arto Herranen.

For additional information, please contact:

Pekka Hagström, CSO, tel. +358 40 849 1070,

Arto Herranen, CEO, tel. +358 44 719 3000,


Principal media,