30th October 2017
This standard (ISO 27001) has been very effective in preventing or mitigating data breaches and the risk of ransomware.
Ransomware is where a virus or other malware is allowed to get onto your server or PC/laptop/tablet. It searches for any data such as Word and Excel files and encrypts them with a strong key that only the attacker holds. The criminal then demands a payment in return for the key, usually in hard-to-trace Bitcoin. In some cases the key is never handed over, so you are out of pocket and still faced with locked-out systems. If you don’t have excellent, regularly tested computer backups then you are in real trouble.
The recent attacks paralysed the NHS and other organisations around the world. It was apparent that organisations using Windows XP were particularly vulnerable.
The information security standard ISO 27001:2013 looks quite easy to achieve on the face of it, but the code of practice contained in ISO 27002 shows a different story. It details how each control in the standard can be achieved.
Being certified to ISO 27001 makes compliance with the new GDPR (General Data Protection Regulation) much easier.
The route to ISO 27001 certification is certainly not cheap, but trying to “do it yourself” is fraught with obstacles.
We at Quality Matters have been providing consultancy in ISO 27001 for many years and can boast that all our clients moving forward to certification passed the assessment at the first attempt. We also provide auditing and preparation for GDPR.
The risks of data loss or compromise can be very expensive indeed, and the costs of non-compliance far outweigh the cost of putting in a robust system. Damage to reputation can put an organisation out of business, not to mention the GDPR fines, which can be up to twenty million euros or up to 4% of global turnover, whichever is greater.
Please contact us if you need any help with ISO 27001 and/or GDPR.
Heybridge Business Centre
110 The Causeway, Heybridge
Essex CM9 4ND
T: 01621 857841
M: 07702 193788
© 2020 Quality Matters Ltd. All rights reserved.