Information Security Management System – ISO/IEC 27001:2013

Information Security Management System – ISO/IEC 27001:2013

Given the sophisticated nature of today’s threat landscape, IVE Group (Blue Star DIRECT) considers information security as a critical part of our everyday business.

As part of our commitment and management of Information Security, Blue Star DIRECT:

  • recognises that the success or failure of the information security program depends on all staff members and takes appropriate steps to educate and improve awareness of staff members on matters relating to the protection of information assets;
  • implements a structured information security risk management approach that is holistic and dynamic and ensures emerging security vulnerabilities and threats are identified, assessed and appropriately managed in a timely manner; this includes the restriction of access to information and data through logically separated folder structures permissible only to applicable groups through Active Directory, and deployed by group policies; applying data encryption at rest and in transit (when sent via SFTP using SSH or HTTPS protocols); and the secure deletion of expired data;
  • identifies and conforms to applicable legislative, statutory and contractual obligations; and
  • have appropriate measures in place to evaluate the performance and effectiveness of the ISMS to facilitate continual improvement.

Every campaign is treated individually and is segregated within our systems.  We have a high level of automation which minimises the need for human intervention in data management, reducing the risk of human error and unauthorised access.

Annual internal and external audits are conducted to ensure compliance to ISO 27001:2013 and in many cases, our business undergoes customer-driven detailed third party audits of premises, procedures and systems to ensure highly robust security is in place.  We are happy to work with our customers to provide the best outcome and protection of their information and keep abreast of and compliant with the requirements of Australian and overseas privacy regulations.

Information Security is managed by a dedicated National Process & Compliance Manager across all of the Blue Star DIRECT sites.

How can we help you?