SurfControl On-Demand Services Demonstrates Continued Excellence In Information Security Management With Industry ISO 27001 Certification

Published 19th July 2007

Scotts Valley, Calif. – July 17, 2007 — SurfControl (LSE: SRF), a leading provider of global on-demand, network and endpoint IT security solutions, today announced its on-demand services, MailControl and WebDefense, have gone through the stringent review process and have been certified to ISO 27001 by SGS UK Ltd. This certification is awarded to solutions that comply with industry best practices and is a key component in helping to meet U.S. legislative and regulatory requirements.

ISO 27001 certification gives confidence to management, business partners, customers, and auditors that SurfControl is serious about information security management. It provides greater information security assurance, because the standard is specifically designed to address current best practices in information security and nothing else.

“ISO 27001 standards provide best practice guidance on protecting the confidentiality, integrity and availability of the information that our customers require”, said Dave Tripier, senior vice president of product management. “This certification signifies SurfControl’s continued dedication to provide best-of-breed Internet security solutions.”

ISO 27001, which is widely recognized as an information security standard amongst security professionals, is an information security management system (ISMS) standard published in October 2005 by the International Organization for Standardization and the International Electro-technical Commission. It is currently the only certifiable security governance standard.

“SurfControl is a trusted name in security, and with the ISO 27001 certification we guarantee our services meet best-practices standards,” said Tripier.