Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that’s meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates [...]
ISO 27001 is a framework for managing IT security. Whilst it doesn’t sound exciting, ISO 27001, known under its full title as ISO/IEC 27001: 2013, is an information security management system (ISMS) that helps keep consumer data safe in the private sector and government departments.
ISO 27001 has been around a while, superseding the original ISMS compliance framework that came into effect in 2005. This was updated in 2013, to reflect the changing nature of IT security and new threats against organisations and consumers.
With a 360 view of an organisation in place, we can determine an ISMS scope document, the boundaries of these policies (including considering the impact of the bring your own device – BYOD – trend) and write ISMS policies following ISO 27001 standards.
ISO 27001 need resources for successful implementation. Budgets need to be allocated and staff fully trained and competent when it comes to delivering within the framework of the security objectives and policies. These should always be in line with the threats facing your organisation. Small businesses don’t have the same risk matrix as large government departments: design your security policies according to your internal and external threats.
LET THE PROS HELP YOU!
