Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
Tapad Device Graph™ and Sojern’s mobile offering unify travel intent signals; achieve amplification rate of more than 600 percent NEW YORK, June 15, 2017 — Tapad, a part of Experian, the leader in cross-device marketing technology, is partnering with Sojern, travel’s direct demand engine, to provide marketers with an even stronger understanding of travelers as they research and shop across multiple devices. Combined with its 350 million global traveler profiles and billions of predictive purchase intent signals, Sojern utilizes the Tapad Device Graph™ to resolve the complex travel consumer journey, target travelers more precisely, and derive more actionable insights for its travel clientele. According to Sojern’s research, travelers visit hundreds of websites preceding their trip purchase, with some consumers reaching upwards of 450 touchpoints prior to booking. Sojern’s partnership with Tapad will help unify these touchpoints across devices, enabling travel brands to more effectively nurture and engage potential buyers during the purchase process, regardless of which device they use. “Sojern’s been focused on travel for over a decade, helping brands activate predictive purchase signals and leverage our traveler profiles into effective performance marketing campaigns,” said Mat Harris, Sojern’s VP of Product, Enterprise Solutions. “The cross-device insights we gain from the Tapad Device Graph provide a valuable tool for our customers to reach travelers across devices in real-time and at scale, on the right device.” Prior to selecting Tapad as its cross-device partner, Sojern surveyed several probabilistic and deterministic cross-device vendors and performed an extensive global test. The test was an examination of scale, match rate and several other factors, which enabled Sojern to learn as much as possible about each vendor. After examining the final test results, Sojern selected Tapad based on its excellent test performance, tried-and-true experience in the market and complimentary business model. To date, Sojern has already seen an amplification rate of more than 600 percent as a result of the integration, meaning that the Tapad Device Graph is connecting an average of six or more device and browser IDs for every one existing Sojern ID. “Not only is Sojern a compatible partner for our singular Device Graph capabilities, but they are also an incredible data partner to help expand our work in the travel industry,” said Pierre Martensson, SVP and GM of Tapad’s global data division. “Working with the team at Sojern allows us to solve a true challenge within the travel industry today: creating a unified view of customers so travel brands can better understand and access their key audiences at every point along their path to purchase.” Contact us today!
Leading data insights and cross-device-powered services bridge mobile insights with connectivity to drive real-time consumer intelligence NEW YORK, May 17, 2017 /PRNewswire/ — Tapad, now a part of Experian, the leader in cross-device marketing technology, has partnered with Resonate, a leading provider of real-time consumer intelligence and activation SaaS solutions. Through this partnership, Resonate will leverage the Tapad Device Graph™ to capture a deeper understanding of its mobile app audiences and provide brands with a more direct connection to their intended consumers. The integration of Resonate and Tapad's technologies equips mobile app brands with insights into their consumers' values, beliefs, motivations and purchase drivers. As a result, mobile app brands will better understand how to tailor messaging, drive advertising engagement, increase lift in performance across mobile consumers and ultimately boost revenue and returns. Utilizing the advanced data that the Tapad Device Graph™ provides, Resonate will create an Identity Service that connects mobile IDs to Resonate IDs for reporting insights both in-platform and out. To date, Tapad and Resonate have already driven incremental device connections for nearly 60 percent of customer profiles with an amplification rate of more than 120 percent, resulting in more than 400 million net new IDs within Resonate's user base. "After testing multiple partners over the course of 12 months, it was clear that Tapad was the partner for us, given their ability to provide cross-device connectivity for more than one billion unique IDs against our consumer base," said Joel Pulliam, SVP and chief product officer at Resonate. "In addition, Resonate customers have an inherent trust in Tapad's mix of probabilistic and deterministic mobile connectivity data to provide a unified understanding of their mobile audiences." "Partnering with Resonate will not only provide its brands with a more in-depth and actionable understanding of its consumers, but it will also allow our clients to connect with mobile consumers on a deeper level," said Pierre Martensson, SVP and GM of Tapad's global data division. "Resonate is not just answering the question of 'how' consumers are making purchases, but also tackling the more difficult question of 'why' they make certain buying decisions to best inform mobile brands about their audiences." Contact us today!
Spring is here! For some of us, spring means the return of warm weather, for others it signals a time to clean out the clutter or, a time for more outdoor activities. Successful marketers know that just as spring habits vary, so do seasonal buying patterns. Marketers should take advantage of advanced marketing tools to capitalize on consumer spending around the changing seasons. There are three areas that will help you deliver the most value to your customers throughout the year: preference data, message relevancy, and a mobile-first approach. Preference data Spring is a great time to gather preference data as “spring cleaning” inspires consumers to research and purchase new items as they begin purge their closets of last season’s look. Collecting information from your customers about the types of products they are interested in will enable you to accurately tailor the content you send them through the remainder of the warm weather seasons. Message relevancy Differences in climate and culture affect style preferences from city to city. To give your customers a tailored experience, use their preference data to delivery personalized content and product suggestions. By using dynamic content tools and filters in your marketing automation platform, you can be sure the right content is presented at the right time, to different audiences within the same campaign. Personalizing your communication shows your customers that you understand their needs and preferences, builds brand trust, and long-term loyalty. Mobile first With the thaw of winter, spring inspires activity and productivity – with so much to do, your customers have more reasons to be on the go. This is the perfect time of year to scale up your mobile PUSH and SMS campaigns to reach consumers wherever they are. Consider adding triggers based on location data from visits to your mobile app or visits to your site from a mobile browser. Triggering a message to your customers while they’re near your store is a powerful way to drive relevant messaging and purchase intent. Focusing on these three core areas will help you deliver the most value to your customers through the season and throughout the year. Learn more about how our team of experts can help with comprehensive marketing strategies that will take your marketing to the next level.