Lessons Learned ISO27001

ISO/IEC 27001 is widely known, providing requirements for an Information Security-Management System (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

Datasur has been certified for the past 6 years. We started in 2015 with the implementation and the first audit. There are a few lessons we as Datasur learned during the past years, and we thought it would be a great idea to share some of the lessons-learned with our clients and followers.

 Lesson #1: ISO, no matter which ISO it is, could be ISO 9000 or ISO 27001, you must start preparations on time. ISO 27001 is a year long task. As a company we use ISO 27001 in our everyday job. Internally the organization is confronted with processes for everything. But it comes with a cost — the cost of transformation and commitment to follow through set policies and procedures. It brings in the perspective of security on everything that happens within an organization. It engages all functions of the organization from Commerce, Operations, HR to Finance. So we need commitment from all the departments of the organization for the ISO 27001 to function correctly.

Lesson #2: Dedicated employees. The company needs ownership. Ownership is a term commonly used in Information Security. Having a dedicated Information Security Manager or Officer will ensure commitment from leadership. Datasur uses a top-down approach in Information Security. The initiatives are taken by the CEO and our Management Team. We formulate the policies, outline the procedures to be followed, determine the priorities and the results expected, and also determine the liability for each action.

Lesson #3: Yearly checklist. Because it can become a lot to take on and we needed to stay on top of managing the ISMS, we designed an ISO 27001 yearly/monthly checklist. Each asset owner can now access their checklist and with one click have an overview of their tasks related to ISO 27001. With this checklist we were able to see our progress monthly.

Lesson #4: Security awareness. Security awareness is an important part of our ISO 27001. Training our employees about the security landscape is important to reduce the risks in the ever evolving cyber world. Security awareness training also ensures that employees are fully awake to the consequences of failing to protect the organization from outside attackers.

Whitney de Rijp, MBA in Innovation and Technology.
Whitney de Rijp is a young driven Surinamese woman. She has been working at Datasur for over 6 years. Together with her top team, they ensure that customer data is stored securely all over the world which helps them focus on their core business.

Integrity, authenticity and just being herself is the mode for success as a Commercial Affairs Manager. Furthermore, she finds it very important to maximize effectiveness and of course lead by example. For both the internal and the external organization she is very transparent, which also fosters loyalty and engagement with the company goals.

Jurgen Schmeltz has as a Bachelor's degree in Information and Communication Technology and several IT certifications. His IT career started in Johannesburg, South Africa at IBM where he gained international experience for 5 years. When he came back to Suriname, he worked for two IT companies and also gained experience in VOIP, Backup Solutions and Microsoft Products.

At the moment Jurgen is a Cloud and Datacenter Infrastructure Specialist with many years of experience in the field of Microsoft Virtualization, Workplace Automation, Backup, Replication and Data Center Infrastructure. He currently holds the position of Operations Manager and is responsible for managing the Datacenter Operations such as Cloud and Network infrastructure.

Furthermore, he is also responsible for managing daily Facility Operations of the Datasur Datacenters and Project Lead for Cloud and Datacenter expansion projects. In his free time he’s a parttime lecturer at the two technical Universities in Suriname.

On behalf of Datasur Jurgen Schmeltz is also chairman of SUR-IX. The Suriname Internet Exchange Point which will be operational before the end of 2022

Sheetal Ganput works as the General Affairs Manager at Datasur. In this role she is part of the management team and reports to the CEO of Datasur.

She is a very self-driven, detail-oriented & hardworking young professional. She has helped to reorganize the company in the field of Office, HRM and Supply Chain Management.

Sheetal has her B.Sc. in Business Management and also completed her M.Sc. completed in Business Management with a specialization in Strategy, Entrepreneurship and Leadership. She is very progressive and is currently doing her Ph.D. study in Leadership & Management

Our CEO, Dr. Anvit Ramlakhan is a prolific strong inspiring inclusive young professional leader from Suriname, working in different fields to contribute for the betterment of humanity and the world. He is an experienced executive with a demonstrated history of working in the ICT industry for several years, with a widespread of skills in operations, quality, risk, project, business, strategy, product portfolio management (just to name a few). At Datasur Anvit oversees the total company performance on strategical level, with a strong focus on business growth, innovation, customer experience and financial profitability.

Furthermore, Anvit contributes to development of the Surinamese youth by lecturing and tutoring at four university study organizations in Suriname on undergraduate and postgraduate levels within study fields such as ICT, Electrical engineering, Organization management, Process management, Business intelligence, MBA, etc.

He has a strong professional background with a cum laude doctorate (Ph.D. in Management- Information and Technology) from the Akamai University in USA, Master of Science (M.Sc.) with merit in Information Systems from Anglia Ruskin University in London, UK and Bachelor of Science (B.Sc.) in Telecommunications from Anton de Kom University in Paramaribo, Suriname. He currently is finishing up his MBA in Strategic Management and Leadership at the London School of International Business, London, UK.

Anvit has several prolific leadership and business certifications, ongoing humanity service, extensive spiritual drive and a personal theme which is as follows: “Continuous progressive successful excellence”. He is part of volunteer organization HSS for 20+ years, through which character molding, collaboration and way of living for the youth is created and augmented.

In January 2022 he has been elected for two years as Chairman of the ICT Association in Suriname, in order to help strategize the sustainable digital economic development of Suriname. Furthermore he also has been elected as Chairman for the Suriname Business Youth Association in June 2021 for a period of two years, whereby development and support of young entrepreneurs and professionals is one of the main goals. Anvit is also part of the presidential working groups on areas of e-Government and wage council.