What is a security incident?

Code Enigma have an integrated Information Security Management System (ISMS) as part of our goal of achieving ISO 27001:2013 accreditation from BSI Group. A large aspect of our ISMS is to do with incident management, how we respond to issues that affect one or more of the three vectors of information security, Confidentiality, Integrity and Availability (often shortened to just CIA).

When you hear Code Enigma staff refering to a "security incident" they are referring to something that impacted our service causing one of the CIA vectors to be affected. For example, if we have a server outage, that would affect Availability, a disk corruption Integrity, an email account compromised would potentially affect Confidentiality, and so on.

We raise and track security incidents and their root cause to continuously improve our service and be able to give an accurate picture of service status. You can expect us to inform you if a security incident affected your service, and you can in turn request a security incident be raised if you feel there has been a risk to your CIA caused by Code Enigma or Code Enigma systems.