You might argue that effective defences, particularly those in line with the best practices described in ISO 27001, are a lot of hard work and red tape that don’t help you turn a profit. But you’d be wrong. Here are five reasons why.
2018 saw some of the biggest data breaches yet, with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. It was also the year of the GDPR (General Data Protection Regulation), which changed the way organisations handle customers’ personal data and introduced hefty fines for non-compliance. However, the Regulation didn’t seem to reduce the number of data breaches: there were approximately 2.3 billion last year, compared to 826 million in 2017…….
Let’s Encrypt is a Certificate Authority (CA) that provides free certificates for Transport Layer Security (TLS) encryption, thereby enabling encrypted HTTPS on web servers. It simplifies the process of creation, validation, signing, installation, and renewal of certificates by providing a software client that automates most of the steps—Certbot.
In this tutorial, you will use Certbot to set up a TLS/SSL certificate from Let’s Encrypt on a CentOS 7 server running Apache as a web server. Additionally, you will automate the certificate renewal process using a cron job, which you can learn more about by reading How To Use Cron To Automate Tasks On a VPS.
Companies who legitimately take far reaching efforts to safe guard customer’s information are at a loss to explain the efforts they take to safe guard data. One of the easiest way to assure customers that their data is safe is to get certification to ISO 27001;2013. This international standard although has been released earlier than ISO 9001:2015 has now been brought to align with ISO 9001:2015 through corrections in 2015, thus facilitating companies to have integrated management systems if they so desire. One solution to assure customers is to have an Information Security Management System (ISMS) in place.
FSSC22000 is a Food Safety Management System (FSMS) recognized by Global Food Safety Initiative (GFSI) which includes international food safety requirements covered in ISO 22000:2018 and Good manufacturing practices mandated by FDA and reproduced in TS 22002-X (X relates to the section of TS 22002 to be chosen by respective sector in Food chain). “This rule, which became final in September 2015, requires food facilities to have a food safety plan in place that includes an analysis of hazards and risk-based preventive controls to minimize or prevent the identified hazards.” The last extension for compliance has expired in Sept’2018. Now s manufacturing, storing packaging must comply.