is the online magazine of BSI Group, highlighting the vital role that standards play in today's business environment - delivering ROI, saving costs, improving quality and mitigating risk. Features include interviews with leading business figures, as well as news on the latest developments in management systems, standards, testing, healthcare and certification.
Numerex: information in safe hands
03 Jun 2008
Topics: Information security, ISO/IEC 27001, USA, Americas
In January 2008, Numerex Corp became the first machine-to-machine (M2M) information security provider in North America to earn certification ISO/IEC 27001:2005, the international standard for information security, ensuring data confidentially, integrity and availability. Numerex Corp provides solutions and network services for data communications between machines.
According to Stratton Nicolaides, chairman and CEO of Numerex, the certification is a critical milestone in Numerex's history and for the M2M industry across the board. Achieving ISO/IEC 27001:2005 confirms that the company is responsive to the emerging market needs in the transport and processing of M2M data and holistic M2M security best practices, he said in the company's formal announcement of the certification.
Customer needs
Numerex pursued ISO 27001 certification for three primary reasons, according to Alain Louchez, vice-president of strategic management for Numerex.
"The first reason was validation," he says. "Numerex wanted to be able to demonstrate to the world that its information security framework had received the stamp of approval by the international community and that an outside, third-party had made the assessment."
Numerex also sought certification because it was responding to the increased market requirements in terms of better protection for information: "When you look at major trends in our industry, information security is certainly one of the most important ones," Louchez explains. "Strengthening our information security through certification help us meet these growing requirements."
The last significant reason for pursuing ISO 27001 involved market distinction: "Numerex wants to differentiate itself from its competitors," he says. "We are building a trusting relationship with our customers, and obviously, we think ISO 27001 can help us to engender that faith and confidence."
Although the certification was just recently issued, Louchez says the company has already experienced added value from ISO 27001: "We strive to promote an excellent relationship or rapport with our clients, suppliers, and partners, and ISO 27001 helps us achieve that."
Numerex has benefited from the process of getting certification, he adds, noting that implementing the Information Security Management System (ISMS) has significantly helped the company in its daily activities. Through the implementation process, Numerex has developed a system in a very orderly fashion that will bolster the company's ability to better meet its customers' needs.
"We are using numerous well-tailored control objectives that contribute to shaping a very efficient environment," he says.
For example, Numerex "has woven into its IT screening the ISO 27001 perspective," noting that ISO 27001 provides the backbone that allows Numerex to do an effective and efficient job.
Louchez points out that Numerex has approached its implementation in phases, using the ISO 27001 management system to tightly structure the IT focus of the organization.
"We are the company that offers the broadest choice of secure M2M network services and solutions... ISO 27001 further supports this point," Louchez concludes.
Business Standards © 2010. Editorial produced by Caspian Publishing in association with The British Standards Institution. Editorial opinions expressed on are not necessarily those of BSI Group or Caspian Publishing. Neither Caspian Publishing nor BSI Group accept responsibility for advertising or editorial content, nor for that appearing on linked third-party websites. Reproduction in whole or in part is forbidden without written permission from BSI Group or Caspian Publishing.
A clear case for carbon neutrality
"Carbon neutral" sounds good on paper, but what does it really mean? Organizations are making claims about carbon neutrality for everything from products to travel, events, projects and buildings. The problem is that no one quite agrees what "carbon neutral" means or how far it extends.
Security is a challenge at the best of times for a retail bank. If you offer services via the internet, security becomes even more complicated. For Barclays UK Retail Online Banking, information security is at the core of their business, which is one of the main reasons the organization pursued and achieved certification to ISO/IEC 27001 Information security from BSI.
Airbus in the UK has achieved certification to BS 25999, the Business Continuity Management (BCM) standard, following an audit from BSI. The certification covers Airbus? wing manufacturing site in Broughton, North Wales and becomes the first aerospace manufacturing company to receive certification to this standard by BSI.
Sapphire earns a standards hat-trick
Sapphire Energy Recovery, the waste processing and resource recovery business owned by Lafarge Cement, has achieved certification to three management systems standards (ISO 9001 Quality management, ISO 14001 Environmental management and BS OHSAS 18001 Health and safety management) from BSI. Sapphire is the UK's leading processor of used tyres, and sources and manages the logistics of a range of waste-derived fuels and raw materials for the cement industry.
How do you put a price on a brand? An international standard in the making will provide a consistent, reliable approach to brand valuation.
Question: Are health and safety issues at risk of being lost in the current financial turmoil?
When business isn't going well - whether it's due to a recession or simply because a company is going through a slow patch - there is a temptation to cut costs by cutting corners. Instead of treating an issue like product and consumer safety as vital to a organization's growth and reputation, it can become just another expense or regulatory requirement.
Have a standards-related question for BSI or a comment on the website? We'll find the right person to answer.
