It’s a jungle out there. Companies face constant data and information security threats, whether in the form of malware, phishing attacks, cyber criminal activities, or even human error – yet there are surprisingly few agencies prepared to implement the management processes that will guard against them.
MarketOne decided last year to embark on a project to implement ISO27001 across its global activities – a process that culminated in our successful certification on 5th October.
What does ISO27001 mean?
In short, it means peace of mind. Every company is increasingly interested in gathering data on customers and prospects: the more you know your customer, the better you can serve their needs. But the massive increase in data volume held and used by marketing organisations has both raised the stakes and increased the margin for error. What if the data gets into the wrong hands?
We’ve all seen the data horror stories: Whether it is about sensitive Excel files leaked via email or confidential documents recycled rather than shredded, it happens on a daily basis. We can either hope it doesn’t happen to us, or put processes in place to prevent it. The ISO27001 certification is not mandatory. But we felt it was something we had to do. So not only is our own data now more secure but also – and more importantly – we know that every client that chooses to work with us benefits from the most robust management processes to prevent the chances of information security problems.
In the words of ISO Acting Secretary-General Kevin McKinley “ISO/IEC 27001 has become a common language for organizations to protect their information and is now a leading standard for international certification in information security.” Information and data security is a global issue, and MarketOne is delighted to be able to offer clients the reassurance of management processes that are certified to internationally agreed standards.
How we did it
We decided to apply for ISO certification in late 2015. It was a rigorous, three stage process. First it involved developing a comprehensive Information Security Management System (ISMS) – a framework of procedures that we would use to protect our clients against loss or damage to their data. We then embarked on a global training exercise to bring all MarketOne staff up to speed with the system. This was duly followed by the independent certification process – where assessors not only examined the ISMS itself, but sought proof that it was understood and implemented across the organization. The process wasn’t quick. It wasn’t easy. But we felt that our clients would want it – and that they deserved it.
“These days, nobody in our business can afford to take risks when it comes to information security”, explains Enrico Brosio, President MarketOne International LLP. “The clients I speak to want to know that partners like us have proper, certified processes in place. We run globally integrated programs for them. We handle their data. We take that job very seriously, and wanted to make the ultimate statement to our current and future clients that we are doing everything possible to minimize their risk.”