Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
The vast majority of Facebook visitors—like most Internet users—say they like websites that take special care to protect their privacy. Yet as the popularity of Facebook grew during 2009 among both younger and older adults, there was a general waning in visitors’ advocacy of online privacy. In fact, the share of Facebook visitors sensitive to privacy protection experienced a 9% relative decline between January and November of 2009. That decline may have continued, were it not for a series of privacy policy updates issued by the social networking giant. In November 2009, Facebook changed its default settings to publicly reveal a larger than before amount of its users’ information. Then in December 2009, the privacy settings were entirely removed from certain categories of users' information. And lastly, in April 2010, users’ General Information became publicly exposed whenever they connected to certain applications or websites, a move that seriously angered many Facebook adherents. Following these changes, the share of Facebook users who are sensitive to privacy protection rose. Specifically, between November 2009 and April 2010, the percent of users who like sites that protect their privacy increased a relative 7%. Facebook’s decision to return, and even simplify, control over privacy settings to account holders may appease users, but whether a subsequent drop in support of online privacy will ensue down the line is far from certain.
Same-sex marriage is a hot button topic no matter on which side of the issue you stand. But there can be no denying that same-sex couples are finding an expanding number of options in the U.S. and abroad should they decide to legally wed. The 2010 LGBT Consumer Report explores the household arrangements and behaviors of America's LGBT consumers—in particular, those associated with marriage—compared to America's heterosexual population. You will learn that despite being less than half as likely to be married, lesbian, gay and bisexual adults are 22% more likely than their "straight" counterparts to have recently wed or to be planning nuptials for the next year. Looking for that perfect gift for the newly wed couple? You will also get some shopping tips for identifying favored retailers of lesbian, gay and bisexual shoppers. We'll start by sizing the LGBT market. An estimated 3.7% of the non-Hispanic adult population (7.1 million adults) self-identifies as LGBT, which can be broken down as follows: The average heterosexual adult lives in a household with 1.9 other individuals, including adults and kids. By comparison, the average lesbian shares her home with only 1.6 other people. Gay men live in the smallest households, sharing their home with only one other person, on average. Over a third of gay or bisexual men (38%) share their home with at least one other adult male, compared with only 24% of heterosexual men who live under the same roof as another adult male. Thirty-five percent of gay or bisexual men say they live with one (and only one) other adult male, a living arrangement that has a higher chance of consisting of a same-sex, co-habiting couple. Over half of lesbians or bisexual women (53%) share their home with at least one other adult female, compared with only 23% of heterosexual women who live under the same roof as another adult female. Forty-three percent of lesbian or bisexual women say they live with one (and only one) other adult female, a living arrangement that has a higher chance of consisting of a same-sex, co-habiting couple. Lesbian, Gay and Bisexual adults (LGB) as a group are less than half as likely as heterosexuals to be married. Only 26% of LGB adults are wed, compared with 57% of “straight” adults. Of all LGB adults, bisexuals are the most likely group to be married, with over 4 in 10 reporting they are presently wed. Lesbians are more than four and a half times more likely than gay men to be married, with 23% of lesbians having tied the knot versus only 5% of gay men. Lesbian, gay and bisexual adults as a group are 22% more likely than heterosexual adults to have either tied the knot in the last 12 months or have plans to wed in the coming year. 5.7% of lesbian, gay or bisexual adults are newly weds or “soonly” weds vs. 4.6% of heterosexual adults. Lesbian, gay and bisexual adults are twice as likely to shop at Neiman Marcus, making the department store the number one retailer with a wedding registry program among LGB shoppers. With many retailers ending their registry programs in favor of gift cards, we looked at how stores without registry programs stack up among lesbian, gay and bisexual shoppers. LGB adults are almost twice as likely to shop at J. Crew, making the store the number one retailer without a wedding registry program among LGB shoppers.