Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
My Experian Marketing Services’ colleagues and resident data experts Bill Tancer and Marcus Tewskbury answered the above question for marketers during our recent 2012 Holiday Planning Webinar. The webinar recapped key 2011 holiday marketing results, plus featured trends, benchmarks and recommendations for a successful and profitable 2012 holiday shopping season.
Even though most kids haven’t even completed their current school year, now is the time for retailers to start preparing their 2012-2013 back-to-school marketing strategies.
Facebook has become a cultural phenomenon over the years and an object of affection for marketers to connect with its users. Experian Simmons has put together 10 consumer behavioral stats based on their National Consumer Study and New Media Study about the social networking site leading up to its Friday IPO launch: 39% of Facebook users say “this website gives me something to talk about.” Top 3 reasons Facebook users visit social networking sites: 86% to keep in touch with friends 72% for fun 66% to reconnect with/find people they’ve lost touch with 78% of Facebook users have shown support for a group or business on a social networking site. 34% of Facebook users have played games on a social networking site. Among those: 73% play social games (like Farmville, SIMS social, etc) 68% play casual games (like Bejeweled, etc) 73% play games on a social networking site once or more a day 28% of Facebook users with cell phones and 42% of Facebook users with a tablet computer have downloaded a social networking app for the device Adult residents of the following Designated Market Areas (DMAs) with 1,000,000 or more adult residents are the most likely to have visited Facebook in the last 7 days: ) Seattle-Tacoma, WA Austin, TX Salt Lake City, UT Portland, OR Washington, DC 15% of Facebook visitors follow a musical group on a social networking site, 14% follow a TV show, 11% follow a newspaper or news outlet and 4% follow a magazine. The average Facebook user is 39.3 years old. The average Facebook user claims an annual household income of $69,900 with annual household spending on discretionary goods and services of $15,500. Hispanic users of Facebook are 55% more likely than non-Hispanic users to say they like to follow their favorite brands or companies on social networking sites. Don’t miss 15 stats about Facebook, previously posted on the Experian Marketing services blog. . For more information like the data provided above please download the Experian Marketing Services 2012 Digital Marketer report.