Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
Contact us today
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
We asked the experts about hashed email. What is email hashing? Do we need to hash email addresses in databases? What can we expect for hashed identifiers?
While the weather outside is frightfully hot this summer, it’s never too soon to start thinking about the holidays – and consumers are more likely to start their holiday shopping early this year. To get you ready for the 2022 holiday shopping season, we looked back at consumer shopping trends from 2019-2021. What did we learn and what trends do we expect to see this year? Let’s look back. A look back Over the last three years, average consumer spending has increased. Record 2021 holiday sales came amidst a wave of COVID-19 cases, rising inflation, labor shortages, and supply chain problems. Despite these challenges, consumers continued to let it snow when it came to spending during the holiday season. 2022 has been a year with its own economic roadblocks – the war in Ukraine, rising gas prices, and recession concerns. Yet 2021 was a banner year for holiday sales despite its obstacles, and we predict similar trends in the 2022 holiday shopping season. What trends do we expect to see for the most wonderful time of the year? 2022 predictions While consumer spending remains strong, changing economic conditions continue to shape shopper behavior. To develop our predictions for 2022 holiday shopper behavior, we focused on four key areas: When consumers shop Where consumers shop What consumers purchase Consumer media preferences Now, let's make our holiday campaign planning checklist and check it twice. When consumers shop Chestnuts roasting on an open fire. Jack Frost nipping at your nose. Those aren’t the only ways to know when the holiday season has begun. Shoppers tend to spread out their holiday purchases across multiple months and were more likely to start shopping earlier. To understand holiday retail sales trends from 2019-2021, we identified four shopper segments: Early Shoppers Traditional Shoppers Late Shoppers Random Shoppers What differences did we see between our four shopper segments? Early shoppers made almost half of their holiday purchases in October Random shoppers spread out their holiday purchases evenly across multiple months Late shoppers made almost half of their holiday purchases in December Traditional shoppers made almost half of their holiday purchases in November While December continues to dominate holiday sales, October has started to gain traction over the last three years, and November remains a core shopping month. Everybody knows a turkey and a mistletoe help to make the season bright but knowing when your consumers are most likely to shop will help deck your campaign planning halls. Jingle bell rock your way to holiday sales that shine bright with our tips to prepare for earlier shoppers: Offer targeted promotions earlier in the shopping season Target your ads based on the shopping habits of your customers throughout the season Where consumers shop There’s no place like home for the holidays but most consumers aren’t shopping from home. Despite the rise in online shopping, brick and mortar locations continue to dominate holiday sales. October is the most popular month to take a one-horse open sleigh to a store, and consumers gather around the fire to online shop in November and December. With most shoppers preferring to shop in-store, and e-commerce popularity growing, it’s critical to think about bridging the gap between your online and offline presence for the consumer. Are you offering multiple paths to purchase with solutions such as BOPIS (Buy Online, Pickup In-Store)? Go down in history like Rudolph with our tips to prepare for more in-store shopping: Focus on in-store shopping experience technology (self-checkout, VR, QR codes, scan to pay, etc.) Offer multiple paths to purchase to connect your online and physical presence through methods such as BOPIS (Buy Online, Pickup In-Store), BORIS (Buy Online, Return In-Store), and ROPO (Research Online, Purchase Offline), etc. What consumers purchase When it comes to holiday gifts, for some, only a hippopotamus will do. Compared to pre-pandemic, shoppers are spending more at apparel stores and mass retailers. Spending at specialty retailers, warehouse clubs, and on office, electronic, and games is almost the same across holiday and non-holiday shopping months. Time for toys and time for cheer may be year-round, but are there any correlations between where consumers shop (online vs. in-store) and what they purchase? Our data found that shoppers who bought from mass retailers were more likely to shop online, while shopping for apparel and warehouse clubs was done at a physical store location. Put this insight to the test by thinking through how you can target your consumer based on where they shop in-store and online. You just might find that hippopotamus at a brick and mortar mass retailer location! Consumer media preferences Do you see what I see? While we are seeing a shift to digital media channel preference, consumers still engage with traditional media channels like direct mail and the traditional newspaper. Successfully connecting with your customers involves capturing their attention through the right channel. We found that our four shopping groups prefer a mix of traditional and digital media channels. What does your media channel mix look like? Hark! The herald angels sing of ways to adapt to the change in holiday spend and media preferences: Align your activation efforts to digital, but don't forget about traditional channels Expand your targeting and activation focus beyond in-store vs. online Download our new 2025 report For a deeper dive into our predictions and actionable insights you can use to take your holiday campaign planning home for the holidays, download our new 2025 report, in collaboration with GroundTruth. Experian data can help you refine your content and creative strategy to achieve maximum ROI for each campaign across all your channels. Download now Get in touch
Fluctuation in consumers' behaviors and preferences during the pandemic has prompted a shift in the practices and patterns that we are accustomed to. Powerful market forces are emerging as society builds a new normal, forcing marketers to rethink their strategy, activation, and measurement. It is important for marketers to understand the forces that influence the industry, and to learn about alternative approaches that can be applied to help reach their goals. In our recent webinar, ‘How to Adjust to the New World of Advertising,’ Experian’s Chris Feo and guest speaker Tina Moffett, Principal Analyst at Forrester Research, lead an in-depth discussion of the market dynamics and developments guiding us to this new era of advertising. They talked about: The pandemic changing consumer behavior Emerging media channels Data deprecation The pandemic and increased media consumption The pandemic caused seismic shifts in consumer behaviors and business operations. Work from home became the norm, consumers made drastic changes in their routines, and businesses had to adjust to new operating models as local economies shrank and supply chains strained. As stay-at-home orders were put into effect, consumers increased their media consumption drastically as more time was spent at home in front of their devices. According to Forrester, by June 2020, 48% of US online adults subscribed to at least one streaming service, while 34% had signed up for multiple. Forrester contends that: Social and online video/OTT will grow fastest among other categories of ad spend Connected TV outpaces other video advertising channels 55% of consumers plan to continue watching movies at home rather than in theatres after the pandemic Data deprecation The ways that marketers can personalize content and measure the effectiveness of campaigns is changing with data deprecation. Consumer preferences, regulations, and technology providers are evolving the way advertisers understand consumers, causing changes to existing identity-based marketing strategies. According to Forrester, 66% of marketers are investing in first-party data collection strategies to adapt to these market forces. Marketers need to adjust Demand for a new advertising approach Changes in consumer behavior, evolving media consumption patterns, and data deprecation have marketers looking at new approaches to targeting and measurement. However, with the future uncertain in many of these areas, marketers need to test and experiment to determine which approach is best for them in particular use cases. Shifting to a new world of experimentation Advertisers need to start by assessing their current environment to determine where they have exposure today, which methods of identification they are using, and how those channels may be impacted by the market forces outlined earlier. From there, they need to start asking themselves how they can assess identity in the future or if there is another way to approach advertising in that specific channel. There are specific areas where marketers can look to make investments in terms of experimentation: Adoption of cleanrooms to support analytics and audience targeting Investment in first-party data to overcome the issue of data deprecation Shifting to a value-based, omni-channel advertising mindset to address customers’ needs Investment in data-savvy resources to manage media insights Adoption of consistent cross-platform advertising metrics and currencies to inform better planning If you missed our recent webinar ‘How to Adjust to the New World of Advertising,’ you can listen to the full discussion here. Get in touch