With data becoming the lifeblood of modern-day businesses, securing this information should be at the top of any organisation’s to-do list.
Standards are designed to bring order to that security; you’ll inevitably be handling not just your own information, but that of customers and third parties, so it’s vital that you’re able to demonstrate an appropriate level of data protection, to show that you can be trusted with such sensitive material.
There’s no one standard with which every organisation must comply; rather, the specific standard you seek to meet will be determined by things like the reason for seeking compliance, the data you wish to protect, the owners of that data, and many other variables of your situation.
What does compliance look like?
That depends on the standard you’re guided by. Common information security standards include:
Laying down the basic requirements of a robust information security management system (ISMS), the International Organisation for Standardisation (ISO) provides perhaps the most widely used information security standard in the world.
This is the New Zealand Government’s handbook on how to build and maintain safe, secure and functional information systems for all governmental departments and organisations.
The non-profit Center for Internet Security has a prioritised list of 20 basic, foundational and organisational controls designed to protect organisations and their data from known cyberattack vectors.
Working with some of the public’s most sensitive and personal information, health and medical organisations are quite understandably held to a high standard when it comes to data security, which is laid out by New Zealand’s Health Information Standards Organisation (HISO).
This health-focused standard, by US-based HIPAA Journal, is designed to secure electronic protected health information (ePHI) and personally identifiable information (PII).
There are a number of reasons why you might be seeking to comply with an information security standard, such as:
But no matter your motivation, and no matter the standard with which you’re looking to comply – whether one of the five mentioned above or another – at Stratigence we can assist your organisation in ensuring that the information that needs to be secure is secure.