In light of this, we discovered some interesting stats around data security:
- A recent survey of UK organisations found that 81% of large organisations and 60% of small businesses had experienced a security breach in the last year.
- The average cost of a data breach is $3.86 million.
- “More than 70% of people would reveal their computer password in exchange for a bar of chocolate. 33% said they shared passwords or wrote them down”.
With the impact of poor data security so significant, yet with such obvious risks existing across every business, it's important that event planners select technology partners they can trust.
So we're delighted to announce we have just received our ISO 27001 Certificate of Registration as part of our ongoing commitment to client data protection.
A major motivation for gaining the standard was the sectors we work in and the size of the organisations we work with. The standard is especially suitable where the protection of information is business critical, such as in the banking, financial, healthcare, pharmaceutical and public sectors.
We have also released our eBook which dives into the detail of selecting the very best event tech suppliers. With a myriad of similar solutions out there, why not use data security as a key differentiation?
What is ISO 27001?
Whilst most organisations have a number of information security controls, these tend to be disorganised and disjointed, in part because they were implemented with specific situations in mind or as a matter of convention.
In contrast, an ISO 27001 information security management system is a systematic and proactive approach to managing risks to the security of our sensitive information.
What does it entail?
ISO 27001 covers more than just IT. It requires us to:
- Regularly examine information security risks, taking into account the threats, vulnerabilities and potential impacts.
- Design and implement a coherent and comprehensive suite of information security controls and other forms of risk treatment to address those risks that we deem unacceptable.
- Adopt an overarching management process to ensure the information security controls continue to meet our information security needs on an ongoing basis.
The standard consists of 114 controls. For each individual control, we show whether it is out of scope or whether we have policy, procedures and evidence in place to satisfy it. Each control has an additional four aspects to consider.
Part of the certification process required an external body to assess us, and it requires re-certification checks to ensure our attention to detail has not slipped and we continue to mitigate risk. It is recognised globally as the hallmark of best standard Information Security Management.
What does this mean to you?
- You can be sure of our continual integrity in safeguarding confidential data and that we do everything we can to keep data secure.
- Our processes are in the vanguard of business, legal, contractual and regulatory requirements across the sectors we work in. We update as regulations update.
- We have clearly defined roles and responsibilities, resulting in the streamlining of our operations. This means we have more time to focus on what matters most … hitting your next event out of the park!