Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
Americans are still spending more time on Twitter.com than ever before. According to Experian Simmons estimates, Americans spent an estimated 2 hours and 12 minutes tweeting and reading tweets on Twitter.com in November 2010.
As we ring in the New Year this week, Americans will be tossing back a few adult beverages in celebration. While alcohol consumption certainly increases around holidays and other times of celebration, many Americans imbibe year-round. So where across this great land of ours are you most likely to find adults willing and able to raise a glass (or two) and where are you most likely to be surrounded by teetotalers? Experian Simmons has the answer. Leveraging data from our SimmonsLOCAL study, we examined the drinking patterns of adults of legal drinking age in the 106 Designated Market Areas (DMAs) with populations of at least 500,000 adults age 21 and older. We then ranked those markets by the number of alcoholic beverages consumed by the average adult during a typical month. The chart below lists the DMAs that consume the most alcoholic beverages per capita in a typical month. First place goes to Boston, where the average adult of legal drinking age regularly kicks back 14.4 drinks a month. (Celebrations in Beantown are probably already underway.) Rank DMA Average drinks per month 1 Boston 14.4 2 Austin 13.8 3 Providence-New Bedford 13.4 4 Madison 13.2 4 Hartford & New Haven 13.2 6 Philadelphia 13.1 7 Chicago 13 8 Denver 12.9 9 Tallahassee-Thomasville 12.8 9 Milwaukee 12.8 11 Minneapolis-St. Paul 12.6 11 West Palm Beach-Ft. Pierce 12.6 11 Seattle-Tacoma 12.6 11 Tucson (Sierra Vista) 12.6 15 Green Bay-Appleton 12.5 16 San Diego 12.4 16 Baltimore 12.4 16 Washington, DC 12.4 16 Albany-Schenectady-Troy 12.4 20 New Orleans 12.3 20 St. Louis 12.3 20 Colorado Springs-Pueblo 12.3 23 Burlington-Plattsburgh 12.2 23 Syracuse 12.2 23 Norfolk-Portsmouth-Newport News 12.2 23 Spokane 12.2 23 Portland-Auburn 12.2 Source: Experian Simmons Adult residents of the markets listed below surely know how to have a good time-it's just unlikely to include a cocktail. The chart below lists the DMAs that consume the fewest alcoholic beverages per capita in a typical month. Residents of Chattanooga consume only 6 alcoholic beverages per month, on average, making it the least imbibing market-and probably the one that feels the best the morning after a big gathering. Rank DMA Average drinks per month 106 Chattanooga 6 105 Salt Lake City 7.2 105 Florence-Myrtle Beach 7.2 105 Charleston-Huntington 7.2 105 Tri-Cities, TN-VA 7.2 101 Knoxville 7.4 100 Lexington 7.9 99 Birmingham 8 98 Huntsville-Decatur 8.5 97 Nashville 8.9 97 Evansville 8.9 95 Paducah-Cape Girardeau-Harrisburg-Mt Vernon 9.1 94 Springfield, MO 9.2 94 Tulsa 9.2 94 Greenville-New Bern-Washington 9.2 91 Memphis 9.3 90 Greenville-Spartanburg-Asheville-Anderson 9.4 90 Jackson, MS 9.4 90 Wichita-Hutchinson Plus 9.4 86 Little Rock-Pine Bluff 9.5 86 Louisville 9.5 86 Ft. Smith-Fayetteville-Springdale-Rogers 9.5 83 Fresno-Visalia 9.6 82 Greensboro-High Point-Winston Salem 9.7 82 Roanoke-Lynchburg 9.7 Source: Experian Simmons For more information on SimmonsLOCAL's vivid reporting of consumer behaviors, attitudes, lifestyles and media consumption in 209 Designated Market Areas down to the ZIP code level, visit our website.
Registered Republicans and Democrats have different TV program preferences. But a majority of highly rated Nielsen programs seem to clearly skew Republican. Which TV programs does each group prefer, and what are the common threads among the two groups?