- Customers are being protected and informed through confidentiality, integrity, and the availability of attack data.
- That our program aligns with more than 140 controls to identify, investigate, and act on potential security incidents.
- That annual risk assessments are completed to ensure threats are handled properly.
For us to earn an ISO 27001 certification, independent auditors test our information security program against all those controls. That means we need to clearly identify risks, set clear objectives on what needs to be achieved with information security, and define the safeguards and mitigation efforts that will handle the risks.
Plus, ISO 27001 requires that we show how we regularly measure our information security controls and that we are continuously working to improve security.
What is ISO 27701?
ISO 27701 is in the same family of certifications as ISO 27001. The main difference is that an ISO 27701 certification adds data privacy into the mix along with information security. An important reason for this is to evaluate controls related to the European Union’s (GDPR).
While ISO 27701 is not a literal GDPR certification, it does Spain Business Email List show that Email on Acid and InboxReady have a privacy program in place that meets similar requirements to the regulation – and that we are continually working to improve data privacy.
Data privacy is crucial
In the world of email. As a customer or user, not only do you want your personally identifiable information (PII) protected, but you also need to protect the data of your customers and subscribers. That includes their email addresses.
Dan Ross leads the team responsible for much UAE Cell Number of this and works directly with the auditors. He understands why GDPR is such a big deal to email senders.