Another day and another loss of trust for customers with their personal information being breached. This time it is Carphone Warehouse, who follow hot on the heels of other high-profile data breaches. Imagine the cost, both financially and reputationally, for Carphone Warehouse now... Are you sweating because this could have been your organisation? Well, there are ways to help mitigate and address the risk.
Fortunately, Alliantist has a good reputation in the markets we have chosen to operate in, and our customers trust us. I’m very proud about that. It’s not just about who we are as people, although of course that is important. It is also about the safeguards and standards we put in place to give those stakeholders confidence in our overall services: the people, the processes, the systems and increasingly the supply chain too. I have no idea if the respectively breached businesses of Carphone Warehouse have ISO 27001, but they will no doubt be considering that, or improvements to its operation, now.
Regardless of what business you are in, if you supply an important service to a customer it is likely you will be dealing with their information or other high value assets. This might be credit card information as is the case with consumer services like mobile phone websites, or even more sensitive details held in platforms such as pam.
Because their information is important to them, customers will value you more if you can demonstrate good, strong safeguards and accreditation to standards such as ISO 27001. At a business-to-business level this really is becoming de rigueur, but I also look for it in the providers of apps and website consumer transactions I undertake online too – not just their data centre host. Caveat emptor is still an important principle to have in mind, even if your credit card provider will ultimately bear the brunt of the actual loss of cash!
In 2012 we decided to implement ISO 27001 and did so successfully very quickly to the 2005 variant. Two years later we migrated to the latest ISO 27001:2013 standard, again to meet the exacting UKAS accreditors' demands. It has helped us become an even better business.
ISO 27001 continues to be seen as the standard to achieve. Indeed, smart customers are demanding it for the reasons above. Failure to demonstrate that safeguard may mean your business will not survive. If you are looking to build trust with clients and demonstrate that you are a responsible supplier as regards information security management, achieve an ISO 27001 accreditation as a good safeguard.
We achieved our Information Security Management System (ISMS) with pam. It is the cloud solution to implement, maintain and continually improve our system. To learn more about how we did it and see pam in action, get in touch. We can share our experiences of how to develop those safeguards that go a long way towards building trust with your customers and prospects.