BUSINESS STANDARDS
is the quarterly magazine of BSI Group, highlighting the vital role that standards play in today's business environment. Regular features include interviews with leading business figures, as well as news on the latest developments in management systems and standards.
Numerex: information in safe hands
03 Jun 2008
Topics: Information security, ISO/IEC 27001, USA
In January 2008, Numerex Corp became the first machine-to-machine (M2M) information security provider in North America to earn certification ISO/IEC 27001:2005, the international standard for information security, ensuring data confidentially, integrity and availability. Numerex Corp provides solutions and network services for data communications between machines.
According to Stratton Nicolaides, chairman and CEO of Numerex, the certification is a critical milestone in Numerex's history and for the M2M industry across the board. Achieving ISO/IEC 27001:2005 confirms that the company is responsive to the emerging market needs in the transport and processing of M2M data and holistic M2M security best practices, he said in the company's formal announcement of the certification.
Customer needs
Numerex pursued ISO 27001 certification for three primary reasons, according to Alain Louchez, vice-president of strategic management for Numerex.
"The first reason was validation," he says. "Numerex wanted to be able to demonstrate to the world that its information security framework had received the stamp of approval by the international community and that an outside, third-party had made the assessment."
Numerex also sought certification because it was responding to the increased market requirements in terms of better protection for information: "When you look at major trends in our industry, information security is certainly one of the most important ones," Louchez explains. "Strengthening our information security through certification help us meet these growing requirements."
The last significant reason for pursuing ISO 27001 involved market distinction: "Numerex wants to differentiate itself from its competitors," he says. "We are building a trusting relationship with our customers, and obviously, we think ISO 27001 can help us to engender that faith and confidence."
Although the certification was just recently issued, Louchez says the company has already experienced added value from ISO 27001: "We strive to promote an excellent relationship or rapport with our clients, suppliers, and partners, and ISO 27001 helps us achieve that."
Numerex has benefited from the process of getting certification, he adds, noting that implementing the Information Security Management System (ISMS) has significantly helped the company in its daily activities. Through the implementation process, Numerex has developed a system in a very orderly fashion that will bolster the company's ability to better meet its customers' needs.
"We are using numerous well-tailored control objectives that contribute to shaping a very efficient environment," he says.
For example, Numerex "has woven into its IT screening the ISO 27001 perspective," noting that ISO 27001 provides the backbone that allows Numerex to do an effective and efficient job.
Louchez points out that Numerex has approached its implementation in phases, using the ISO 27001 management system to tightly structure the IT focus of the organization.
"We are the company that offers the broadest choice of secure M2M network services and solutions... ISO 27001 further supports this point," Louchez concludes.
Business Standards © 2008. Editorial produced by Caspian Publishing in association with the British Standards Institution. Editorial opinions expressed on are not necessarily those of BSI Group or Caspian Publishing. Neither Caspian Publishing nor BSI Group accept responsibility for advertising or editorial content, nor for that appearing on linked third-party websites. Reproduction in whole or in part is forbidden without written permission from BSI Group or Caspian Publishing.
Kitemark® for furniture removers
Ever had to move office? Ever struggled with your moving company and wished there was a better way to find a reliable supplier? There is an answer: BSI Product Services, working with the British Association of Removers (BAR), has published PAS 126:2008, covering commercial furniture removal activities.
New web standards: first in class
In a world first, BSI British Standards and UK web compliance expert Magus have launched PAS 124 Defining, implementing and managing website standards, a Publicly Available Specification that aims to improve the effectiveness of corporate websites through a new best practice approach to the application and management of website standards.
In May 2008, BSI British Standards was presented with the Continuity Insurance & Risk (CIR) Award for Industry Advancement for its work in developing BS 25999, in recognition of the outstanding contribution made by BSI to the world of Business Continuity Management. CIR is the UK's leading bi-monthly risk management and insurance journal. This ceremony marked the tenth anniversary of the awards, which recognize excellence in business continuity and operational risk management.
Audatex UK, a leading provider of insurance claims management solutions, has become the first company in the world to simultaneously attain certification to ISO/IEC 27001 Information Security Management and BS 25999 Business Continuity Management from BSI Management Systems.
The Newport call centre for the Yellow Pages 118 24 7 directory enquiries service from international directories business Yell, has achieved certification to the CCA Global Standard.
We are under increasing pressure to comply with a growing number of regulations and to maintain growth - while under greater scrutiny than ever before. How can this be good for business?
We are all in the risk management business. In the current climate, as consumers we are encouraged to claim compensation or sue for damages for almost any negative incident we encounter.
Have a standards-related question for BSI or a comment on the website? We'll find the right person to answer.
