Information security A must!
Companies increasingly give more attention to information security. It has become more important for companies because of security incidents, increasing dependency on computers and new developments on the Internet. But once information security is on the agenda, it is often difficult to spot the problems and take a decision.
If you also find this difficult, we recommend carrying out a risk assessment in your company. It gives you an insight into how secure your data systems really are. If your company has plans to expand the data system, for example on the Internet, these plans should also be examined to see if they are secure enough. A risk assessment reveals the gaps in the security of digital information. The assessment concentrates on three aspects of information security:
- Confidentiality, because information may leak out;
- Integrity, because information for clients or the management may be misleading or incomplete;
- Availability, because calamities may cause the system to fall out.
If one of these aspects fails to be secure, the reputation of your company may be tarnished, which in turn may damage your financial position. In the worst case, the continuity of your company is at stake. In other words, it is crucial to take good care of security.
We use the Code of Information Security, a worldwide standard, to give structure to the risk assessment. We also use it to determine which measures should be taken. In order to assess whether Internet applications are secure enough, we use a special e-business standard, which enables companies to carry out secure transactions via the Internet that are easy to monitor.
Another aspect of information security in the Netherlands is the Wet Bescherming Persoonsgegevens (Protection of Personal Details Act), which has recently come into effect. It might be a good idea to check if your company complies with this law.
As you may have already read, we recently employed an IT auditor. His name is Dennis Utermark and he specialises in information security. Dennis can conduct a risk assessment for your company and advise you on which steps to take. He can also tell you more about the Protection of Personal Details Act. Furthermore, he gives presentations to management teams and offers a complete training geared to the IT department.
If you want more details or an appointment, call (036) 52 33 0990 or send an e-mail to info@hoffmann-srm.nl. The Update will of course continue to inform you on the latest developments in information security.
