German anti-virus distributor hacked – How you can step up your security.March 21st, 2013 by Paul Stebbings
Anti-virus developers Avast have denied that they were responsible for a breach of a German distributor’s website: www.avadas.de. The reported hack leaked information including website admin login information and what could be the PayPal payment information for an estimated 20,000 customers.
The more important the data is, the greater the risk associated with its loss. So an all-encompassing approach to information security is required to fully protect information. The solution, an Information Security Management System (ISMS) aligned to international best practice methodology.
ISO (International Organization for Standardization) defines an ISMS as: “A model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving the protection of information assets to achieve business objectives based upon a risk assessment and the organization’s risk acceptance levels designed to effectively treat and manage risks”
ISO 27001 is the best practice specification for an ISMS and sets out the requirements for which an ISMS can be audited and certified.
Achieving ISO 27001 certification can be a time-consuming and complex project. The documentation required to create a conforming ISMS can be up to 1,000 pages.
Gaining ISO 27001 certification can be simplified. We create toolkits that provide all of the pre-written documents you need which can be tailored to suit your organisation. Toolkits are often cheaper than one day’s consultancy fee and enables you to become your own expert.
|No 3 Comprehensive ISO27001 ISMS Toolkit (Download)Packed full of pre-written documentation and templates that including: Policies, procedures, processes, work instructions, forms & records which will save you time and money.
As well as pre-written documents and templates the No 3 Comprehensive ISO27001 ISMS Toolkit also includes:
- IT Governance: an International Guide to Data Security,
- ISO 27001 in a Windows® Environment, Second edition,
- vsRisk – the Cybersecurity Risk Assessment Tool (includes a year of software support).