Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
To set your brand apart from the competition (and thrive!), you need to get to know and communicate with your customers on a more personal level—this means knowing more than just their email or mailing address. It means building a relationship with them to turn them into loyal customers who keep coming back. To make this happen, retail marketers must engage with customers across all verticals and invest in true data-driven advertising. Consider the following: What do my customers do? If you know more about your customers’ lifestyles, interests and spending habits, you will have a better understanding of how they choose to spend their money and free time. Once you understand your core customer base, you can move on to how and when you should reach them. This starts with segmenting your customers and then reaching them across their preferred channels. You should then learn what motivates your customers in order to understand their buying behavior. Do they buy items spontaneously or do they spend a lot of time researching? Do they only buy things with a coupon or is free shipping more important? Lastly, determine what marketing is showing ROI so you can optimize your marketing campaign. To ensure your efforts are showing results and your marketing budget is getting the most bang for the buck, attribution is critical. Retailers should strive to get more value out of existing data, supplement it with third-party sources, and find better ways to manage it and extract valuable insights. Experian’s Customer Data Engine is the perfect solution to assist retailers with this challenge. This customer data platform helps provide you with a complete picture of online and offline customer engagement and delivers the data, tools, and insights needed to make decisions on reaching customers and lookalike prospects. Customer Data Engine is a centralized platform where first- and third-party data is managed and updated on an ongoing basis in a secure environment, providing retail marketers with analytical tools, lookalike prospects, campaign management, audience distribution and closed-loop measurement. Once retail marketers have a deeper understanding of what they need to know about their customers, they can create customized audiences using this data. Retailers value first-party data and often look at it first. Usually, this refers to online data about customer activity on a website or app, and can come from form and email submissions, views of merchandise or devices and things people searched for online. Although first-party data is gold, there is almost always additional information needed to fill in gaps. For instance, the need for recency, frequency and monetary (RFM) data is crucial. RFM data is a way for retailers to analyze their customers by using recency (how recent the customer made a purchase), frequency (how often a customer makes a purchase) and monetary data (how much money a customer spends on purchases). It gives the retailer the details of when the last time the customer made a purchase, how often does the customer make a purchase and how much did the customer spend. With this information, they will know who their most valuable customers are and be able to create customized audiences. To get a deeper understanding of your customers, solutions such as Experian’s ConsumerViewSM database can be leveraged to provide you with demographics, life event triggers, purchase data, lifestyle segmentation data and more. With thousands of data attributes available, it can take any business to the next level. According to global research firm, Coresight Research, retailers in the United States have announced 5,994 store closures in just the first 15 weeks of 2019. Changing consumer demands, and a volatile economy have made it difficult for retailers to keep pace. However, retail is not going to go away, and brands just need to be smarter about how they conduct business. Making sure you know and understand your customers is one of the ways to ensure repeat visits and set yourself apart from the competition. By enriching your data with 3rd party data from Experian, Customer Data Engine allows you to know and target your customer the same way that Direct to Consumer brands and retailers can and provides you with a full 360-degree view on what your customers are doing and how they are interacting with your brand. To learn more about Experian’s Customer Data Engine, contact us at (877) 902-4849 or experianmarketingsolutions@experian.com to learn more.
For decades, financial institutions relied on direct mail marketing and mass media for credit card offers and invitations to apply (ITA) for loans. Today however, credit marketing is going digital. In fact, according to Statista, financial services ranks 3rd in total digital ad spend this year. Lenders need to deliver relevant credit offers to consumers in the spaces and platforms where they interact. Below are three best practices to help financial services marketers make the most of their digital budgets and strategies. 1. Test new acquisition channels Consumers are no longer just in one place. They are constantly moving around and business strategies need to encompass that. Today’s consumers have multiple devices – a mobile phone, a TV, a laptop, a smartwatch, etc. and each of these devices uses a different tactic to attract consumers. Marketers need to reach their audience across all the channels with which they are engaging. To maximize performance and profitability, lenders need to leverage multiple channels to target and re-target their intended audience. They need to expand the reach of tailored prescreen ad campaigns by adding email, digital display ads, or other online channels to the traditional direct mail channel. This will help increase response rates, decrease length of time to conversation, and provide insight on consumer behaviors and preferences that cannot be achieved with a direct mail offer alone. 2. Target an audience that is right for you. Through a streamlined credit criteria selection process, and Experian’s expertise in audience creation, you now have the power to target the best consumers for your business needs in a fully customized approach. Financial services marketers should isolate appropriate populations – enabling you to make unique offers for different consumer segments and target them in the channels they leverage. In addition, you need to ensure your data is accurate and compliant. Fresh, accurate data enables you to pre-select the best prospects for your business need—right when they are most motivated to respond—and avoid making preapproved offers to nonqualified consumers. Also critical is that while we are able to use regulated data sets to reach consumers, we need to do so with extra caution while meeting FCRA guidelines. It is imperative to honor consumer opt-outs across all channels and ensure you have audit rights with media publishers. The Experian Ascend Technology Platform gives financial institutions the power to integrate client data, industry-specific data feeds and the power of Experian’s unique capabilities in data, analytics, machine learning and advanced AI to deliver enhanced opportunities throughout the customer lifecycle, including lending offers to acquire new customers and cross-sell to existing ones. 3. Test and adjust your campaigns Before the world of digital, it was difficult for financial institutions to track campaign impact on audiences. By employing online promotions, lenders can see how much interaction consumers are having with their promotional media. Financial services marketers should take processes and campaigns that have worked in the past and perform small, iterative tests using different channels. We believe that by adding a digital touch to a client's direct mail prescreen campaign, there is the potential to experience a lift above direct mail response rates; decreased length of time to conversion, and we can provide insight on consumer behaviors and preferences that cannot be achieved with a direct mail offer alone. It is important to test and optimize accordingly. Experian is also at the forefront of the digital credit revolution with Amplified Prospecting™. Experian’s Amplified Prospecting empowers lenders to deliver relevant firm offers of credit to prescreened consumers via multiple digital channels, including email, online display advertising and social media. Simply put, it allows you to timely engage the most desirable consumers where they’re increasingly consuming information and media today – improving your response rates and return on marketing investment. Experian is a leader in the credit revolution, offering more ways for consumers to secure credit including the industry-first Text for Credit™, which allows users to initiate and complete the credit application process within minutes with a simple text message. In addition, Experian recently introduced Experian Boost, a revolutionary new online tool that can instantly improve your credit scores and help the 100 million Americans that don't have access to credit today, either because their credit scores are too low, or because they don't have enough credit history. With faster, more efficient data integration and processing you can more accurately target leads, achieve better response rates, and optimize your marketing spend. To learn more about Experian’s Financial Services solutions, contact us at (877) 902-4849 or experianmarketingsolutions@experian.com to learn more!
Sixty-Nine Percent Organic Sales Growth Spurred by Expanded Business and Continued Investment in The Tapad Graph™ NEW YORK, May 7, 2019 /PRNewswire/ — Tapad, a part of Experian, a global leader in digital identity resolution, today announced a record start to the year, following its highest earning year in the company's history. Since January, Tapad has experienced a 69 percent organic increase in global revenue; with strategic investments in talent, continued high retention rates, and an expanded range of clients across global markets. Globally, Tapad increased its client base across multiple categories and verticals, catering to agencies, brands, telecoms, and data providers. The Tapad Graph™'s varied use cases and differentiated global scale have been instrumental to the company's overall success to-date. With an ongoing investment in product, and expected feature releases slated for 2019, the company anticipates these accomplishments to continue. "Since the inception of our business, Tapad has heavily focused on enabling marketers to boost the performance of their campaigns with the help of our advanced digital identity resolution technologies," said Sigvart Voss Eriksen, CEO at Tapad. "While we continue to grow, creating privacy-safe solutions that solve marketers evolving needs remains integral to our evolution. As pioneers in cross-device, we're constantly innovating and pushing ourselves to be at the forefront of industry change. Our leadership in the space is recognized across the industry, as is evident by our current success." In addition to partner expansions, Tapad also invested in new talent. In February, Tapad announced Ajit Thupil as the company's first Senior Vice President of Identity, deepening the company's commitment to creating ground-breaking digital identity resolution products for brands, agencies and platforms. Tapad's investment in talent has been recognized by One World Identity's 2019 Top 100 Influencers in Identity Award and by ClickZ's 2019 Marketing Technology Awards. "At Tapad, our focus is on continuously advancing our digital identity resolution products to cater to the needs of marketers across industries," said Chris Feo, SVP of Global Data Licensing and Strategic Partnerships at Tapad. "As a part of that commitment, we are consistently growing our partner base, product features, and widening our reach on a global scale. We're excited to sustain our growth throughout 2019." To learn more about Tapad and our digital identity resolution products, visit Experian.com Open job opportunities across the globe can be found on Tapad's career page here: https://www.experian.com/careers/ About Tapad Tapad, Inc. is a global leader in digital identity resolution. The Tapad Graph™, and related solutions, provide a privacy-safe approach to connecting device identifiers to brand and marketer data, thereby allowing marketers around the world to maximize campaign effectiveness. Tapad is recognized across the industry for its innovation, growth and workplace culture, and has earned numerous awards, including the TMCnet Tech Culture Award. Based in New York, Tapad also has offices in Chicago, London, Oslo, Singapore and Tokyo, and is a wholly owned subsidiary of Telenor Group. Contact us today!