Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
With all the debate and speculation regarding Groupon and its planned IPO, I thought it would be a great time to check back in with our previous analysis of traffic to Groupon and its nearest competitor Living Social. First, to be clear, the above chart measures web-based traffic to both domains and does not include mobile or app specific traffic. Regardless of these exclusions, the drop-off in Groupon traffic this summer has been significant nearly 50% since its peak in the second week of June 2011 compared to last week. During the same time, Living Social has achieved 27% growth in visits to its site. Overall visits to a custom category of Daily Deal & Aggregator sites were down 25% for the same time. So why is there a narrowing of the gap between the two market leaders in group coupons? Perhaps it is simply a case of increased number of competitors and deal fatigue among consumers or simply not enough of the right deals. PriceGrabber® released results from its Local Deals Survey in June, stating that 44% of respondents said they use or search daily deal Websites. However, 52% expressed feeling overwhelmed by the number of bargain-boasting emails they receive on a daily basis. While consumer fatigue may be one factor another key consideration for these sites is to focus on the attracting new and preferred audience segments via the inbox. Currently the audience segments for both Groupon and Living Social are very similar so it will be interesting to see how both sites and category perform heading into the holiday season.
Newton was only half right: Objects in motion tend to stay in motion, but objects at rest are increasingly becoming mobile. That’s the case, at least, when it comes to the world of today’s mobile consumer. According to exclusive research from Experian Simmons, fully 29% of cell phone owners today believe that their cell phone will be the primary device for their entertainment needs, in the future. Furthermore, a recent report by J.P. Morgan estimates that U.S. mobile ad spending will nearly double in 2011 to $1.2 billion. Screen size and limitations on creative, the report says, present obstacles to mobile advertisers. These obstacles and opportunities make it more important than ever for marketers to understand the behaviors and mindset of the mobile consumer. In this first in a series of blog posts, we will explore some key findings presented in the 2011 Mobile Consumer Report recently published recently by Experian Simmons. Media outlets have started to take note, citing the report in articles here and here. Come back to this blog frequently for further updates, or download the full report today. Mobile Market Overview Cell phone ownership among American adults stands at 91%, up from 72% in 2006. The vast majority of teens, too, have joined the mobile revolution, with 74% of those ages 12 to 17 porting a portable phone, up from 59% in 2006. Even tots are getting into the act, with a reported 22% of kids ages 6 to 11 owning a cell phone today. Among adults ages 22 to 24, the idea of not owning a cell is virtually unheard of, with an astounding 98% of consumers in this bracket reporting personally owning a cell phone. While cell ownership among adults age 65+ is the lowest of any adult segment, it is the fastest growing, having increased a relative 52% between 2006 and 2010. Despite the rise in youth owning cell phones, 90% of all mobile phone owners in the U.S. are adults, a rate unchanged since 2008. Percent of Americans that own a cell phone, by age Mobile Service Providers Verizon maintains its position as America’s number one cell phone service provider, with 32% of all adult mobile phone owners saying they are Verizon subscribers as of May 23, 2011. AT&T also has a sizable share of the market, with 28% of mobile phone owners subscribing to AT&T for cell service. Battling for third place are Sprint and T-Mobile, which respectively claim just 11% and 10% of the mobile market. Smaller, often regional, providers may individually have fewer subscribers, but combined, claim an impressive 22% of the total cellular market. Verizon and AT&T will almost certainly continue to dominate the market, especially given the fact that cell phone subscribers are increasingly staying with their provider for an extended period of time. As of May 23, 2011, the average cell phone subscriber had been with their provider for 3 years and 2 months, up from 2 years and 11 months observed at the beginning of 2008. Furthermore, 59% of cell phone subscribers say they’ve been with their current provider for at least 4 years, up from 46% who reported the same in early 2008. 59% of cell phone subscribers say they’ve been with their current provider for at least 4 years Service Providers’ Share of Cell Phone Subscribers Click here to learn more about obtaining vivid consumer research from Experian Simmons and don’t forget to check back here for new blog posts on mobile consumers.
The popularity of flash sale websites with limited time & inventory offerings have grown exponentially over the two years. Online shoppers’ love for the thrill of snagging designer clothing, home décor, travel and even wine have caused visits to the category to increase 368% in July 2011 as compared to the same month two years ago and 109% one year ago. So far in 2011, Nordstrom acquired HauteLook, Amazon entered the fray with MyHabit and recently Saks Fifth Avenue announced the launch of a dedicated flash sale website after offering sale events per week on Saks’ main website. In July 2011, Zulily.com, a website offering sales targeted for women and babies/kids, captured the highest market share of visits at 16%, followed by Ideeli and LivingSocial Escapes. Amazon’s MyHabit ranked 11th, out of the 87 websites in the custom category after only 2 months in operation. Several of the major players over the past six months, the total visits to Ideeli increased 42%, Gilt.com up 14% and Nordstrom’s Hautelook up 8% for July 2011 as compared to February 2011. Total visits for MyHabit jumped 128% for July 2011 as compared to May 2011 when the website launched. The audience for Flash Sales continues to be attractive, and willing to shop – over-indexing against the online population for household incomes over $100k and creditworthy VantageScores of A and B.