Toss Lab attains international standard information security certification

Information security is the key to choosing an enterprise collaboration tool

Perhaps the most crucial part of companies contemplating adopting business collaboration tools is “ information security.” One of the main reasons for many companies adopting business collaboration tools is that they have experienced several security risks while using personal messengers that are vulnerable to security. Therefore, information protection is an essential factor in choosing a collaboration tool.

Traditionally, ‘information security’ can be defined based on the following: 1) only authorized users, 2) have access to accurate information, 3) and have access whenever needed (ISACA: 2008). So, in the past, it was common to handle security management in controlled facilities. Still, in recent years, the government has also suggested that the shift from domain-centric network separation to data-centric network separation is necessary. As you can see from this example, information security is changing.

digital security

With the prolonged COVID-19 outbreak, many companies are working from home. The situation now requires all businesses to create a smart work environment where members use collaboration tools to work anywhere, anytime. To use the previous information security protection methods is inefficient. Information security is rising since essential data such as the company confidential information or personal information is stored in the cloud system as more people use the SaaS(Software as a Service) tools for work.

JANDI, a SaaS-based business collaboration tool, has provided strong security while maintaining personal messengers’ easy usability. Operated using Amazon Web Services (AWS), renowned for world-class security, all messages and files sent to JANDI are encrypted automatically. Besides, you do not have to worry about data leaks. You can set powerful security features such as managing download records, restricting file downloads, using document watermarks, setting access rights for each member, and controlling access allowed IP.


Attained ISO 27001, an international standard information security certification

On top of its secure information protection system, Toss Lab has been preparing to be certified in the information protection management system sector to enhance the security life cycle and protect customer data safely. As a result, on October 30, we obtained the internationally most prestigious ISO/IEC 27001:2013 (from now on, ISO 27001) certification in the field of information security.

ISO/IEC 27001:2013 Certification Ceremony
ISO/IEC 27001:2013 Certification Ceremony

ISO 27001 certification is an international standard information protection certification that specifies the requirements to establish, implement, maintain, and continuously improve an information security management system (ISMS). ISO 27001 certification for the information security management system established by the International Organization for Standardization (ISO) can only be obtained by passing an audit of 114 management standards in a total of 14 areas, including information protection policy, physical security, and information access control, in the field inspection.

ISO 27001 certificate

Toss Lab organized a TF in April for the establishment and certification of the information security management system. After establishing an internal process for about six months, the company cooperated with an independent certification body to obtain accreditation through a certification review. Since security accidents can occur at any time, we have systematically structured a process that prevents security accidents from happening, detects them quickly, and minimizes damage in case of accidents.


Among the startups that currently provide collaboration tool services,
Toss Lab (provider of JANDI) is the only one
that has attained the ISO 27001 certification.


JANDI, a worry-free tool

The purpose of a business collaboration tool is to help companies to work and collaborate better. Information protection is like a prop to help companies succeed. The security of information and compliance with companies’ regulations using JANDI is one of JANDI’s top priorities.

Toss Lab strives to continue to maintain all standards of ISO 27001 obtained this time, but this certification is only one step toward enhancing the security and data protection of JANDI. Therefore, even in the preparation process for ISO 27001 certification, a greater emphasis was placed on the acquisition itself and setting the sustainable goals of the information security management system and planning to achieve them.

Also, Toss Lab complies with ISMS-P, a domestic regulation of the current information security management system, and holds a company-wide information protection committee every month to make critical security decisions. In the future, after completing the SOC 3 report in cooperation with ISO standards, we plan to obtain CSA STAR, a more granular cloud security certificate.

Just as smooth collaboration is vital to do a good job, collaboration and communication are essential to security. Toss Lab is actively collaborating to strengthen the security of JANDI. In the future, we will continue to enhance security to provide better service and trust through standard certifications such as ISO 27001 and to ensure safe and efficient work for domestic and global corporate customers. JANDI is a safe choice for your business.


If you have any questions regarding JANDI’s security and data protection, please contact us at

Leave A Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: