Just a few weeks after TalkTalk's high-profile security breach, another large company has fallen victim to hackers. Hong Kong-based company VTech announced that its Kidizoom smartwatch and InnoTab may have exposed customers to identity theft, with the details of over 6 million children being stolen.
With internet-capable devices for children (such as those produced by VTech) becoming ever more popular, it is worrying to see that manufacturers' security systems are possibly leaving some of the youngest, most vulnerable members of society at risk. According to cyber security expert Tom Kellermann, children can sometimes present an attractive target for fraudulent claims due to their clean credit record and the possibility of a longer life in front of them.
While the information acquired by the hackers has yet to turn up on forums where such data is sold, the damage inflicted on both parents and VTech itself may already be too late to reverse. Customers will still be left shaken by the possibility that personal information about their children is being shared amongst criminals, while VTech (who are already seeing a fall in stock prices) can surely expect to see a drop in sales and use of its services as a direct result of the breach.
As these two latest examples of internet security hacks have highlighted, failure of security systems (particularly where customer details are concerned) can launch your business into the public eye for all the wrong reasons, potentially causing you to lose trade from future and existing customers.
To avoid finding yourself in a similar situation with your own business, it is vitally important to implement an information security management system that's compliant with ISO 27001 standards. This helps your company to better manage sensitive information, minimising the risk of a security breach. To find out more about how NPT Management Systems can help you achieve this, please get in touch today.
There's been a lot of talk about online security of late. You've probably heard about the 'cyber attack' that wreaked havoc on TalkTalk's database last week, leaving customer's personal details potentially vulnerable; today, it's being reported that private customer details were, for a short while, visible to people using the Marks & Spencer website.
At the present time, it's not clear whether or not the M&S website was breached by external forces, but the TalkTalk incident alone is proof enough that information security must be a crucial concern for all modern businesses. Customer details, if held, must be held securely; failure to do this may result in a loss of trust, a loss of business, and a loss of revenue in the event of a data breach (for instance, a lot of TalkTalk customers have been frantically trying to change their phone and broadband suppliers in the wake of the attack).
In this respect, recent events all serve to highlight the importance of a robust information security management system. The global ISMS standard is ISO 27001, and working towards ISO 27001 certification is a very good way to ensure that your company's information is safe, secure, and protected at all stages by an airtight management process.
If you want to avoid a data breach of your own, we recommend that you contact NPT Management Systems today - we will help you design and implement an ISO-compliant information security management system that keeps your information (and, more importantly, that of your clients) safe from security breaches and leaks.
We live in the age of information, and if you're a business owner in 2015, chances are that much of your crucial company information is stored digitally. For this reason, information security management is a key consideration for businesses of all sizes; poor information security could put entire your company in jeopardy at the drop of a hat, and a comprehensive ISMS (Information Security Management System) will help you to address and deal with any and all potential threats.
The international standard for information security management systems is ISO 27001. To achieve ISO certification for your ISMS, you'll need to do the following:
- Plan: Carry out a risk assessment and plan how you will address any potential problems with your current information security system
- Do: Implement your plan of action and ensure that your ISMS meets the needs of your business
- Check: Review the efficacy of your improved ISMS and identify any areas where further improvement could be made
- Act: Make the necessary changes to ensure that your ISMS is completely optimised
(The last two points - Check and Act - will be carried out repeatedly over time once your ISMS is in place.)
Implementing an ISO 27001-certified information security management system within your company is important if you wish to protect your business and its 'information assets'. Since information security relies on people as much as on technology, it is important that you communicate the ISMS plan throughout your entire company once it is in place, ensuring that every employee at every level knows how to keep everything as secure as possible.
NPT Management Systems can help you to plan and implement your information security management and achieve ISO 27001 certification for your business. Click here to learn more, or get in touch to speak with a member of our team.