ISO 27001 Controls: Developing Secure Apps

The importance of privacy and security

When you’re developing an application, it is important to consider how it handles user data. Our sister company, Invotra, is used by various UK government departments, including the Home Office, which uses Invotra to store highly sensitive data. With that in …

Product Update: Risk Management

With its user-friendly interface, you’ll be able to quickly filter risks, assign responsibilities, set categories, and track impact scores

Introducing our new risk management functionality

We’re excited to announce the new risk management system which has been added into the Inverifi app. This new system aims to provide you, the user, …

Conducting an ISO 27001 Risk Assessment

Identifying your organisation’s risk is key to strengthening its defence

What is an ISO 27001 Risk assessment?

A risk assessment is a process of identifying and evaluating the risks that could potentially compromise the security of an organisation’s sensitive information. It involves identifying the assets that need to …

A Beginner’s Introduction to ISO 31000: Risk Management

Risk management is important to maximize your organization’s potential.

What is ISO 31000?

ISO 31000 is a universal set of standards related to risk management (which is defined as the identification, evaluation and prioritisation of risks). It offers principles and guidelines for organisations seeking to manage professional …

ISO 27001 Controls: Network Security

Any organisation that works with interconnected computers would be wise to take network security into consideration.

Nearly all organisations work with interconnected computers in some capacity. Remember, not every computer has a keyboard and mouse. From your mobile phone, to your TV remote, and even your credit card, nearly …

ISO 27001 Controls: Software Management

Privacy terms and policies

Your work computer probably has a bunch of restrictions in place. These restrictions probably prevent you from installing software. They may also block access to certain websites. These restrictions can often be very frustrating. I remember encountering them on school computers. I would attempt to …

ISO 27001 Controls: Supplier Relationship

There are key factors to consider when working with a supplier.

Securely exchanging data with third parties

Most organisations handling sensitive data will find themselves sharing this data with other organisations, for various reasons. At Inverifi, and our sister companies, we host our apps on AWS. We place our customers’ …

ISO 27001 Controls: Unique Passwords

Keep your data secure by using unique passwords

The Importance of Unique Passwords

If you have many online accounts, for any purpose, you should always use a unique password for each one. If you work for an organisation that complies with ISO 27001, it will require that you have …

ISO 27001 Controls: Physical Security

Keep your keycard safe and avoid malicious actors

Hold onto your office keycard

If you work for an organisation that takes security seriously, then, in all likelihood, physical security is an important consideration for each and every employee. For you, this probably means taking reasonable measures to prevent unauthorised people …

ISO 27001 Controls: Shoulder Surfing

Is shoulder surfing just a cheeky behavior, or could it be a threat to your sensitive information?

If you’re working with potentially sensitive data in a public location, you need to consider that other people may be able to see what’s on your screen. ISO 27001 control A.6.2.1 requires that an organisation …