Strengthening security and trust across the endpoint management ecosystem
SoftwareCentral is officially ISO/IEC 27001:2022 certified for the development and operation of its Microsoft Intune and Configuration Manager tools.
Security and compliance have always been part of how we build our solutions, not just how we talk about technology. For the IT teams running Microsoft tenants and managing thousands of endpoints, this certification is proof that the same concept we bring to our products runs through our own operations as well.
This certification confirms that SoftwareCentral’s internal security, development, and operational processes are aligned with globally recognised best practices. It shows that our workflows, access controls, and data handling meet the same expectations our customers are measured against.
“As a product team, we live in the same world as our customers,” says Andrew Taylor, CTO. “They rely on us to help them stay in control of their environments, so it’s only right that we hold ourselves to those same standards. ISO 27001 just makes that commitment official. I’ve always believed that the best software reflects the same discipline and structure it helps others achieve.”
The certification was issued by Tempo Audits Ltd, a UKAS-accredited body, following a detailed audit of SoftwareCentral’s information security management system (ISMS). The process was completed with zero non-conformities, a rare result that highlights strong governance and a mature, well-documented approach to security.
To structure and maintain the ISMS, SoftwareCentral collaborated with Securilix, leveraging their expertise alongside the compliance automation platform Drata. Together, they created a security framework that ties directly into SoftwareCentral’s development lifecycle, covering everything from code management and internal access to incident response and data handling.
“Trust is earned through consistency,” says Andreas Spiegelhauer, CEO.
“Our customers rely on us to keep their environments stable and secure. As SoftwareCentral grows, this certification confirms that we scale responsibly and that our commitment to quality goes far beyond the products themselves.”
Why it matters
Verified security
For many enterprises and MSPs, ISO 27001 has become a practical requirement when choosing technology partners. It replaces statements about security with verified evidence that a vendor operates under proven, audited controls.
Reducing third-party risk
Certification helps customers manage supplier and partner risk, which is one of the most common causes of security incidents today. It confirms that every SoftwareCentral process, from development to infrastructure and support, follows a controlled framework designed to protect data and maintain service integrity.
Simplifying compliance
For regulated industries, ISO 27001 aligns with frameworks such as GDPR and national data protection laws. It reduces the need for repetitive security assessments and gives customers confidence that their own compliance goals are supported by a trusted vendor.
Creating long-term value
Security becomes a built-in strength rather than an overhead. This helps customers and partners work faster, reduce friction in procurement, and scale safely with a vendor they know meets global standards.
Certification issued: 10 October 2025
Valid until: 10 October 2028
Certified scope: Development and operation of software tools for Microsoft Endpoint Configuration Manager and Microsoft Intune
