Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
It is time for us to polish off our crystal ball and give our predictions straight from consumers’ fingertips for the hot products of the 2012 holiday season. Gadgets will reign across many ages Tablets including LeapPads, Tabeos, iPads, Kindles and others will continue to be a popular gift this year, with more choices than ever. On the list of top product-related search terms driving traffic to the Retail 500 category of sites, Kindle Fire HD and Windows 8 top the list as new products. Additionally, Meep!, a child friendly tablet appeared in the top fifteen. Accessories for both phones and tablets will also be popular, especially as the variety grows for iPhone 5 and iPad Mini. A reoccurring favorite gift for the holidays is UGGs which shows a decrease year over year. However, another brand with a similar product is Bearpaw, which is in the top ten searches and has seen big growth year over year. Source: Experian Hitwise Dolls, video games and Furbys, oh my! To identify the popular toys for gifts this year, we researched product-related search terms driving traffic to ToysRUs.com compared to last year’s holiday season. We uncovered trends in the doll category, Doc McStuffins as number one on the list, along with the classic Barbie, which saw a growth in searches year over year. The Furby is making a strong comeback at the number two spot with a reboot and new features. Another trend here is tablets, from branded searches like LeapPad and Kurio there is also the generic term ‘tablets for kids’. In the video game category, the new Wii U that is debuting just in time for Black Friday and should be a big gift this year, along with searches for PS3 games and the Nintendo 3ds xl are all in the top 20 searches. Source: Experian Hitwise Keywords of the consumer to identify demand Beyond product names, it is important to understand the actual way people search, using key phrases and questions. Last year, for example, there was a lot of activity around ‘in-stock’ products, such as the LeapPad explorer, which was hugely popular and quickly sold out in many stores. Retailers and marketers should monitor this throughout the season and make sure to optimize for in stock if there is a popular product that they have available. Source: Experian Hitwise Consumers also focus on what is the ‘best’ – so we see search activity around ‘best place to buy’, particularly around electronics. Questions such as ‘where to buy a’ specific product are also common, such as ‘where to buy a kindle’. These phrases offer opportunities to boost search campaigns by considering how consumers phrase their questions to ensure to capture these searches. Source: Experian Hitwise Quick tip: In the retail category there will tend to be a lot of retail branded store terms but to keep up with holiday search behavior and help make analysis quick, create portfolios of branded terms to easily exclude those from a certain category. When you strip out all the variations of that term you are able to gain insight into product searches that are most popular to a certain site or category. For more insight on the hot product trends for this year from our Hitwise trend-spotters, watch our webcast.
The holiday season – a most wonderful time of the year for retailers – is underway and marketers are tweaking their campaigns for better customer engagement and enchantment. There are many channels in which to reach top customers and prospective customers, and the new holiday season is a great time to refine strategies and tactics to ensure success. To help marketers in their quest, Experian Marketing Services recently conducted a market research study and learned that email marketing trumped all other tactics as the most successful initiative during the 2011 holiday season. Of the 84.2 percent who used email marketing, 95.8 percent reported that their campaigns were successful. Ninety-three percent said they planned to increase or maintain the same level of investment for the 2012 season. In addition to email, the study showed that paid search and online display advertising were the next most successful marketing tactics of the 2011 holiday season, with 48.9 percent naming search and 34.8 naming online display advertising as extremely or very successful campaign tactics. Our internal experts are currently looking at real-time data around these and other marketing channels and will present what they’ve learned during a live webinar on Thursday, October 25th at 1:00 p.m. EST. This information should prove very helpful to marketers who want to improve their campaigns based on current trends and results. Register for the holiday webinar and you’ll receive all of the survey data in the form of a 2012 holiday marketing white paper. Here’s to a joyous and profitable holiday season!
Experian Marketing Services pinpoints rising social network sites in new study – Instagram and Pinterest lead the pack According to a new study by Experian Marketing Services, niche social networks significantly increased their market share of all visits to social sites, with Instgram and Pinterest leading the pack. The following graph illustrates the global growth between July 2011 and July 2012, based on share of visits to all sites by country: Social site North America Australia Hong Kong New Zealand Singapore UK Instagram 17,319% 362% 132% 843% 8121% 2028% Pinterest 5124% 798% 2373% 643% 623% 1489% Other niche social networks that have experienced significant gain include Stock Twits in the US, Redidt in Australia, and FanPop in the UK. According to Bill Tancer, head of Global Research at Experian Marketing Services, the growth of Instagram and Pinterest over the past year has been successful because they haven’t tried to be ‘another Facebook.’ Both networks are image based – something people love and relate to better than just words. For retail brands, sites like Pinterest present a great opportunity to promote products in a compelling and organized way to a wide group of people, globally. Deeper functionally, combined with a lower technical barrier to entry, will result in new leaders in social media being created, accepted and used within a matter of days – compared to the rate of adoption happening now over the course of weeks and months. Also included in the study for July 2011 to July 2012: Country Social network Description Percentage increase of market share of visits to All Sites between July 2011 to July 2012 North America www.skillwho.com Social networking community which allow users to find people with skills from friends, friends of friends, local area or the community. 7435% increase http://stocktwits.com StockTwits is an open, community-powered investment idea and information service. 943% increase Australia www.reddit.com Site where users vote for what is popular or not. 177% increase Brazil Google+ Google+ integrates social services such as Google Profiles, and introduces new services identified as Circles, Hangouts and Sparks. 5750% increase New Zealand www.reddit.com Site where users vote for what is popular or not. 107% increase Singapore https://steamcommunity.com Community site that assists users in finding games to play, people to play against, and serves as a meeting place for friends and team mates. 124% UK Google+ Google+ integrates social services such as Google Profiles, and introduces new services identified as Circles, Hangouts and Sparks. 476% http://www.fanpop.com Network of fan clubs for fans of television, movies, music and more to discuss and share photos, videos, news and opinions with fellow fans. 178% What social networks do you use most frequently? Do the results of this study surprise you at all? Feel free to share your thoughts with our readers in the comments section below.