Privacy concerns in eCommerce projects – Neuralab path to ISO 27001 standard

Neuralab started to produce eCommerce web applications right from our beginnings in 2007. Big projects, eager clients and all sorts of web design possibilities revealed to us that these kinds of interactive projects were a clear match for our team and philosophy.

We quickly realized that eCommerce systems, especially for enterprise clients, involve large amounts of private data, heavy testing and important security controls. These data points are mostly personal user data, but also internal business data such as product orders, accounting ratios and product stock levels. Our development team started to build up good DevOps practices and to this day relies on a set of enterprise-grade systems:

All in all, we had these major processes in place, and they turned out to be long-run time savers as well. But we also wanted to make sure that risks, processes and the handling of sensitive data were covered in the same systematic way. Having the right development tools is one thing; handling private eCommerce data is a completely different topic. This is where we started to implement the ISO 27001 standard. In short, ISO 27001 is the international standard for an information security management system (ISMS): a set of standardized practices in the form of guides, procedures and documents that are known and tested by the entire Neuralab crew. Our team also conducts yearly internal audits to check whether production really follows the ISO guidelines and practices for handling IT systems and the various data points they hold.

The process of implementing ISO 27001 started in July 2019 and ended in February 2020. These 8 months were full of documentation writing, process changes and knowledge building as we reworked all of our connecting parts, especially the ones that touch our clients and their data directly.

But did anything change for our current clients? From a day-to-day perspective, not much. We will still use the Kanban process through Trello and version control (Git) for our eCommerce applications. I believe the biggest impact will be on the strategic and safeguarding aspects of private data. Taking care of privacy (GDPR) concerns, constantly testing applications and making sure our "business continuity" is truly continuous – these will be the cornerstones of our production work for clients. We will simply make sure that they (and their data) are in capable hands – the ISO standard is just one more pillar of our philosophy of providing robust eCommerce web applications. This work would also not have been possible without the Croatian state grant and the help we received in conducting the whole project.

Let us know if you have any comments or questions regarding our ISO 27001 practices. Even if you’re an IT company wanting to set up these practices in-house… contact us freely!

Photo credit: National Cancer Institute at Unsplash // Description: A librarian at the National Library of Medicine (NLM) is using an IBM computer to access PDQ. The Physicians Data Query was designed by the National Cancer Institute to help physicians obtain information about the most up-to-date protocols, physicians, and clinics treating cancer patients. 1987

Krešimir Končić, Owner at Neuralab

Ex QBASIC developer that ventured into a web world in 2007. Leading a team of like-minded Open Source aficionados that love design, code and a pinch of BBQ. Currently writing a book that explains why ‘coding is the easier part’ of our field.
