When people think of information security they normally think of keeping information secret or confidential. But this is only one of the areas that an ISO27001:2013 Information Security Management system asks you to consider when reviewing your management and control of information. The three pillars of Information Security Management are Confidentiality, Integrity and Availability. Considering all three, CIA, leads to a robust system for managing information.
Taking Almir Business as an example. A key component of Almir’s service to clients is AlmirLive , our online management system. When developing AlmirLive we looked as the those 3 pillars of information security
Confidentiality – with a strong password control system , encrypted transfer of data and different user level access rights the system can ensure information is only available to the appropriate people.
Integrity – With strong back-up policy and no manipulation of data AlmirLive ensures that the correct information is available and by having a central source it minimises risk of users using outdated procedures.
Availability– Hosted in the cloud it ensures that the information is available where and when you need it whether in the office or outside of normal business hours.
Because we recognise the importance of the data we hold for clients have implemented ISO27001:2013 and are delighted to have just successfully completed our latest 3 year re-certification audit. Having an ISMS in place has had its benefits. For example , risk review and risk management in terms of CIA is a key element of the standard. As our customers see the benefits of AlmirLive we have seen higher need for storage for existing customers and we are adding new customers on a constant basis. Our risk review led us to identify the need to update our storage capacity by 50% for AlmirLive. Our ISMS ensured this change was carefully planned and our increase in capacity was successfully completed early May with minimal disruption.
It is a good news story for Almir that our clients see the benefits of AlmirLive as the core of their management systems. It is good news for our clients that by having a ISO27001:2013 accredited ISMS in place that we are effectively managing and improving our systems to ensure the confidentiality, integrity and availability of their management system data.