A silly question you might think at first...
If, like us, you're concerned with making sure your data is safe and secure, you might think that everyone else gives it the same level of priority… not necessarily!
Nothing is infallible by any means, but ensuring your data is protected and used in the right way is an assumption you may wish to check - especially with GDPR in place nowadays.
"How would I know?" you might say, especially when using third-party applications and software.
Luckily, there are a number of accreditations that do that for you.
We’ve put together an explanation of the key ones, what to look out for and what they really mean. Credible software companies have to take the security of their platforms extremely seriously: data breaches and data misuse can quickly destroy a brand's hard-built reputation.
Cyber Essentials
Sounds like something out of a Star Wars movie? Close…
Cyber Essentials helps organisations guard against the most common cyber threats and demonstrate their commitment to cyber security. As an accreditation from the UK government's National Cyber Security Centre, this is one to look out for from your chosen supplier.
Information Commissioner's Office (ICO)
The Data Protection Act 1998 requires every data controller (organisation) who is processing personal information to register with the ICO. Check out their register online here.
ISOs
I’m guessing you’ve heard or seen them in some shape or form, but what do they mean and what do they stand for? International standards, or ISOs for short, are “specifications, guidelines or characteristics that can be used consistently to ensure that materials, products, processes and services are fit for their purpose”.
With 21,985 published ISOs, we’ve somewhat simplified the ones you need to look out for!
ISO 27001
Arguably the best-known standard in the 2700 family, providing requirements for an information security management system (ISMS). It is a stringent assessment to ensure organisations implement a systematic approach to managing sensitive company information so that it remains secure. It covers people, processes and IT systems by applying a risk management process.
ISO 23001
When things go seriously wrong, this is the standard to hang your hat on!
Business Continuity Management, or BCM as it's known colloquially, gives businesses the best chance of dealing with the unforeseen. From fires, floods and natural disasters to data hackers and acts of terrorism, it goes without saying we hope they never occur! This best-practice standard prepares organisations for any such eventualities.
ISO 9001
Whilst not directly related to data security, this quality management ISO ensures you receive consistently high-quality services and products. Who wouldn’t want that?
ISO 14001
The “green” environmental standard.
With global warming, plastics polluting our oceans and food waste high on everyone's list, businesses are making environmental concerns their priority too. Tick the green box by making sure your suppliers do.
Traditionally, companies have seen the need to endorse themselves to their audience through schemes, accreditations and standards as costly, time-consuming and cumbersome. Some might even call it an obligation driven by the need to tick a box.
Others will tell you differently: with progress, hard work and innovation, why not attract attention? Stand up and be lauded for what you work so hard to achieve.
By doing so, natural improvement occurs and standards rise. Customers look to you for innovation, improvement, endorsements and awards, and new standards become a result of achievement rather than achieving the result.
Written by Marcel Van Den Boogaard, Lead Consultant at Brand iQ