Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
Facebook has become a cultural phenomenon over the years and an object of affection for marketers to connect with its users. Experian Simmons has put together 10 consumer behavioral stats based on their National Consumer Study and New Media Study about the social networking site leading up to its Friday IPO launch: 39% of Facebook users say “this website gives me something to talk about.” Top 3 reasons Facebook users visit social networking sites: 86% to keep in touch with friends 72% for fun 66% to reconnect with/find people they’ve lost touch with 78% of Facebook users have shown support for a group or business on a social networking site. 34% of Facebook users have played games on a social networking site. Among those: 73% play social games (like Farmville, SIMS social, etc) 68% play casual games (like Bejeweled, etc) 73% play games on a social networking site once or more a day 28% of Facebook users with cell phones and 42% of Facebook users with a tablet computer have downloaded a social networking app for the device Adult residents of the following Designated Market Areas (DMAs) with 1,000,000 or more adult residents are the most likely to have visited Facebook in the last 7 days: ) Seattle-Tacoma, WA Austin, TX Salt Lake City, UT Portland, OR Washington, DC 15% of Facebook visitors follow a musical group on a social networking site, 14% follow a TV show, 11% follow a newspaper or news outlet and 4% follow a magazine. The average Facebook user is 39.3 years old. The average Facebook user claims an annual household income of $69,900 with annual household spending on discretionary goods and services of $15,500. Hispanic users of Facebook are 55% more likely than non-Hispanic users to say they like to follow their favorite brands or companies on social networking sites. Don’t miss 15 stats about Facebook, previously posted on the Experian Marketing services blog. . For more information like the data provided above please download the Experian Marketing Services 2012 Digital Marketer report.
Today, it costs more than $40 to send a five pound package from the U.S. to Canada or Mexico. The cost to Europe or South America is even more expensive. For U.S. companies operating on a global scale, such as retail specialists or ecommerce organizations, address accuracy is crucial. Organizations can’t afford undeliverable mail and packages due to a wrong address – the total cost would be unmanageable. Mistakes happen frequently, whether it is an error by the company or the customer. If a mistake is made, companies can’t ask the customer to cover delivery fees, leaving the organization with the bill. Retailers must also consider potential delays due to long distances and custom checks. Altogether, address errors result in a poor customer experience and a decrease in efficiency. Implementing international address verification will save money, time and improve the customer experience. By combining primary address data from national postal authorities with partner-supplied data, businesses can verify international addresses from countries all around the world.
On April 22nd, Americans and many of their terrestrial counterparts in countries around the world will celebrate Earth Day, a tradition that was started in the United States by Wisconsin Senator Gaylord Nelson in 1970. Much has changed on the planet since the first Earth Day, and even in recent years attitudes continue to evolve when it comes to our outlook towards the environment. In 2007, Experian Simmons created the GreenAware consumer segmentation, which classified respondents to the Simmons National Consumer Study between 2005 until 2007 into one of four mutually exclusive segments based on their consumer behaviors and attitudes toward the environment. Since then, Experian Simmons has continuously classified all adult respondents into the GreenAware segments providing our clients with valuable insights into the evolution of the environmental movement. The four GreenAware segments are: Behavioral Greens: This group of people thinks and acts green. They have negative attitudes towards products that pollute and incorporate green practices into their lives on a regular basis. Think Greens: This group of consumers think green, but don’t always act green. Potential Greens: This group neither behaves, nor thinks along particularly environmentally conscious lines and remains on the fence about key green issues. True Browns: They are not environmentally conscious, and may in fact have negative attitudes about environmental issues. Since 2005, we have observed a nearly constant increase in the percent of U.S. adults who are classified as Behavioral Greens, the “greenest” segment of the four. Today, 33% of adults are Behavioral Greens, up from 27% who were classified as such in 2005. Meantime, Think Greens have maintained an almost perfectly constant 21% share of the population. The size of the True Browns segment has also remained constant at between 14% and 15% of the total adult population. The Potential Green segment, however, has steadily declined in market share from 39% in 2005 to 31% today. La Vida Verde Hispanic Americans have traditionally been ahead of the curve when it comes to green thoughts and deeds and they’re only getting greener with time. Today, 39% of Hispanic adults are Behavioral Greens, up from 33% in 2007. Just 32% of non-Hispanic adults are Behavioral Greens today, up from 29% who fell into the greenest segment in 2007. Interestingly, among the True Browns segment there are virtually no Hispanics to be found, and, in fact, while the True Brown population is actually growing among non-Hispanics, Hispanics are increasingly moving to greener segments. Specifically, just 1.3% of Hispanics are True Browns today, down from 8% who registered as such in 2007. By comparison, 17% of non-Hispanics are True Browns today, up from 14% in 2007. Green Today, Greener Tomorrow? The illustration below shows the alignment of America’s largest metropolitan areas with the four GreenAware segments today and in 2007. We see that residents of the San Francisco-, New York- and Miami-areas are the most likely to be in alignment with the Behavioral Green mindset today. Denizens of Washington, D.C., Los Angeles, Chicago, Philadelphia and Boston tend to fit more closely with the Think Green set that has green attitudes and intentions, but not always the actions to back it up. But things are changing. In fact, since 2007, we’ve seen that as local minds change, some cities become aligned with a different, often greener, segment. Let’s look at Chicago, for instance. In 2007, Chicagoans’ environmental outlook was more reflective of a mix of Potential Greens and True Browns. Since then, local attitudes have changed so much that Chicago-area residents are now more aligned with Think Greens and Behavioral Greens. Likewise, Cleveland, which was clearly a True Brown town in 2007, now falls in step with the Potential Green segment. In five years’ time, who knows? Cleveland could be America’s next green leader. Not brown now towns Looking at markets large and small with the biggest drop in concentration of True Browns, we see that attitudes in inland markets located in Gulf States have become disproportionately less brown since the Deepwater Horizon oil spill in 2010. In fact, seven of the ten Designated Market Areas (DMA) that saw the biggest decline in the percentage of their population classified as True Browns between 2007 and 2011 are inland markets in states bordering the Gulf of Mexico. While the oil didn’t directly reach these markets, the attitude change did spread: For example, 3.2% of adults residing in the Columbus-Tupelo-West Point, Mississippi DMA today are classified as True Browns, down from 19.3% who were categorized as such in 2007. In Macon, Georgia, while not a Gulf State, a more impressive shift took place. In 2007, the Macon, Georgia DMA had the fourth highest percentage of its population classified as True Browns (20.1%) out of 209 DMAs. Today, only 5.8% of area residents are True Browns, which makes it the market with the 10th lowest concentrations of True Browns in the nation. Macon still has one of the lowest shares of residents who are Behavioral Greens in the nation, but what a difference a few years makes. While the towns directly in the path of the oil spill are not among those with the biggest relative decline in True Browns, area residents’ attitudes did take on a greener hue since the spill. Today, 8.4% of residents in Panama City are True Browns down from 17.3% in 2007. Likewise, only 9.8% of adults in both the Mobile-Pensacola and Biloxi Gulfport DMAs are True Browns down from 17.3% and 19.0%, respectively, who fell into the least green segment prior to the spill. Learn more about Experian Simmons consumer segmentation offerings