BIM Track: the first BIM issue tracking platform to be ISO 27001 certified

April 20, 2020 4 min. read

You trust us with your sensitive information from all over the world; as such, information security is a top priority here at BIM Track. 

We recently achieved ISO 27001 certification, which demonstrates that BIM Track has met rigorous international standards to ensure the security and integrity of the BIM Track platform. It was well worth the significant effort it took to complete the process!

Why is ISO 27001 certification so important?

BIM Track joins Fortune 500 brands such as Microsoft, Verizon, Apple, Google, Intel, and Amazon in becoming ISO 27001 certified. To our knowledge, we are the first issue tracking platform in the AEC industry that has adopted this systematic approach to managing sensitive company information to ensure staying secure at all levels possible. No one can afford to take security risks, but we’ve had particular demand for this feature from our large scale project owners the world over. 

Unfortunately, cyberattacks and data breaches are part of our modern reality. Whether you are a small business or part of a huge corporation, all of us can be targets 🎯. Cyberattacks are increasing across all sizes of companies. According to Construction Dive’s coverage of the 2019 Traveler’s Risk Index:

“The number of large businesses victimized has increased by 73% since 2015, while the number of medium and small businesses victimized increased by 100% and 200%, respectively, in that time period. Moreover, after going after bigger targets like hospitals, financial companies and governments, construction could be the next target for hackers because of the valuable information about the companies’ classified plans or specs on government projects”. 

Zachary Phillips,
Associate Editor at Construction Dive.

What does ISO certification really mean for BIM Track users?

Our ISO 27001 certification is more than just a certificate to hang on the wall. For our users, it shows that BIM Track embraces a rigorous and continuous risk management process that has people at its core

We ensure the highest standards, from how new team members are screened and trained, to how we encouraged best practices to keep our #SecurityCulture alive across all our technology. This way of working benefits from continual improvement and the highest quality standards orchestrated and closely monitored by Jimmy Plante

“A security culture can’t just be a piece of paper; it has to be a way of working and living. When it comes to BIM Track’s security and the integrity of our users’ data, we are only as strong as the person next to us:
the weakest link can break the chain.” 

Jimmy Plante
Jimmy Plante
CEO at BIM Track

Immediate benefits for #BIMTrackers include:

  • Protection from third-party risks. The processes required to meet the ISO 27001 standard result in better documentation and means that all staff will have clear guidelines to follow, which helps to keep your data secure and free from attack.
  • Protection of your reputation. In the event of a breach, an ISO 27001-certified partner helps protect your organization and keeps you out of the headlines!
  • Disaster recovery process and business continuity plans for worst-case scenarios. This is an elective option to include in the certification process that we went for. 

For instance, after going through 112 security controls across all areas and teams of the company, we are able to individually and collectively prioritize and invest in the actions that have the biggest impact on our clients’ security. Our team is equipped to anticipate and manage security threats before they happen. Our developers, operations and product management teams have learned (and continue learning) new security skills such as secure coding practices in accordance with the OWASP standard, the internationally recognized leader in application security.

Future plans

There is no such thing as a risk-free world, but by working as a team, we can prepare for the unexpected. We are hyper-aware of the importance of protecting the data you, our users, trust us with. We are also ready to face the re-certification processes to come since we must withstand the test of time by continuing education and improvement to keep the highest standards. 

Our energy is already focused on maintaining our security performance level and preparing for the next challenge. 

Feel free to reach out to us via our web chat or by emailing to ask us about this certification or any of your security questions.

We’re finally “officially” ready to live and breathe our data protection and security culture!