Up next in our Ask the Expert series, Ben Rothke, Senior Information Security Manager, reviews two certifications that should be part of your information security strategy: Service Organization Control (SOC) 2 Type 2 and International Organization for Standardization (ISO) 27001. Tapad, a part of Experian, is 27001 and SOC 2 Type 2 compliant.
Two information security certifications you can trust
Seals from Good Housekeeping and Underwriters Laboratories give consumers confidence that they can trust the product that they’re buying. For IT solutions or service providers, what, or who can you turn to for that seal of approval? There are many equivalent third-party attestations you can use. But which should you trust?
- The International Organization for Standardization (ISO) 27001
- The American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC)
International Organization for Standardization (ISO)
27001 is an international standard for information security from the ISO. ISO 27001 is globally acknowledged and sets requirements for controls, maintenance, and certification of an information security management system (ISMS). This international standard provides organizations with a framework to identify, manage and reduce risks related to the security of information
System and Organization Controls (SOC)
The SOC, as defined by the AICPA, is a set of audit reports. SOC reports, like 27001 certificates, are used by service organizations to give their customers the confidence they have adequate information security controls in place to protect the data that they handle.
SOC 2 is an assessment of controls at a service organization regarding security, availability, processing integrity, confidentiality, and privacy. The purpose of the report is to provide extensive information and assurance to a broad range of users about the controls at a service organization that are relevant to the security, availability, and processing integrity of the systems that process user data, as well as the confidentiality and privacy of the information processed by these systems.
Why ISO 27001 and SOC 2 are important
The value of these third-party attestations is two-fold:
- Organizations can show they have passed an independent external audit
- Third-party attestations save organizations the time of having to do their own audits
In addition to 27001 and SOC 2 Type 2 compliance, we are also certified with ISO 27017 and 27018, which are add-ons to 27001 that are specific to cloud computing. We take the security and privacy of our customers’ data as seriously as they do.
Every cloud service provider (CSP) has a responsibility matrix that details what security and privacy tasks they are responsible for and which ones the customer is responsible for. Any cloud customer that needs to be made aware of what their security tasks are is putting themselves at risk.
So, when you want to engage a CSP, ask them for their attestations. They worked hard for them and will be proud to share their compliance.
We’re powered by decades of setting standards in marketing services
At Experian, we’re a privacy-first business. We’re highly focused on respecting people, their data, and their privacy. We continue to show our dedication to information security by completing these security audits every year.
The constant changes to data compliance regulations can be challenging to navigate, but you don’t have to do it alone. Contact us today. We will be your guide so you can ethically and confidently reach your customers.
Contact us today
About our expert
Ben Rothke, Senior Information Security Manager
Ben Rothke, CISSP, CISA, is a Senior Information Security Manager at Tapad, a part of Experian. He has over 25 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, cryptography, and security policy development. Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill), and writes security and privacy book reviews for the RSA Conference Blog and Security Management magazine.
Latest posts
Marketers Using Centro’s DSP Basis Can Leverage Tapad’s Technology for Extended Cross-device Reach Chicago – May 15, 2018 – Centro, a provider of enterprise-class software for digital advertising, today announced that its Basis programmatic ad platform has licensed cross-device marketing technology from Tapad, a part of Experian, the company reinventing personalization for the modern marketer. Media professionals using Basis can now drive better performance by identifying a person across the different devices he or she uses, serving ads in the most optimum environment, then analyzing performance to see what ad worked best based on creative, device, location and time of day. Today’s digital media ecosystem is fragmented. People consume content on their multiple devices from multiple locations. According to digital analytics firm GlobalWebIndex, a typical consumer owns three digital devices and has seven digital ID’s active in the last 60 days. Advertising technology that treats every device as a single user would not be able to guide customers down the marketing funnel according to how users jump from one device to the next. Furthermore, they wouldn’t see when conversions occur on a device different from that in which the ad was first shown to the user. The Tapad Graph identifies the point of conversion across all screens – smartphones, tablets, home computers, and smart TVs – so that marketers can better gauge the efficiency and return on ad spend. “Our technology helps brands gain a deeper level of understanding of their customer, enabling marketers to better deliver services and products users want,” said Chris Feo, SVP of Global Data Licensing and Strategic Partnerships, Tapad. “With our technology as part of Basis, Centro is providing robust, accessible tools for marketers that want to advance their knowledge of the consumers they want to reach.” Centro’s Basis enables advertisers to plan, buy and analyze real-time bidding (RTB), direct, search and social campaigns in a single platform. It is the only platform that combines all of these elements with cross-device conversion attribution and advanced reporting features in a DSP. With the Tapad Graph integrated into Basis, marketers can now identify consumers across all of their devices during any point of the consumer journey. This can help marketers determine ad spend effectiveness for optimizing campaigns in real-time or for the future. Other cross-device marketing capabilities for Basis users include: Frequency Capping: Apply frequency caps at a unique person-level rather than at a device-level to prevent saturating users with ads and showing them more impressions than desired. Audience extension: Expand the reach of a campaign by learning what other devices a single user may have, then deliver ads to single users’ other devices. Reporting insights: Learn how users interact with ads across their devices. Gain insight about how consumers respond on devices to improve targeting parameters. Conversion attribution: Record conversions on devices different from that in which the ad was displayed to learn the true effectiveness of advertising efforts. “Cross-device analytics and optimization aligns with our vision that converging the different parts of digital media to create a holistic view of campaigns will drive performance,” said Katie Risch, EVP of customer experience, Centro. “Having Tapad’s powerful capability of personalized marketing gives our advertisers high-quality data to cultivate relationships with customers, wherever they are in digital channels.” About Tapad Tapad Inc. is the marketing technology company reinventing personalization for the modern marketer through its identity-driven solutions. The company's signature Tapad Graph connects millions of consumers across billions of devices. The world's largest brands and most effective marketers entrust Tapad to provide an accurate, privacy-conscious and unified approach to connecting with consumers across screens. In 2018, Tapad introduced its Tapad Customer Data Platform (CDP), purpose-built to offer marketers a highly personalized and privacy-safe platform to convert first and third-party data into actionable, results-driven campaigns. Tapad is based in New York and has offices in Chicago, London, Oslo, Singapore and Tokyo. Tapad's numerous awards include: Forbes' Most Promising Companies, Deloitte's Technology Fast 500, Crain's Fast 50, TMCnet Tech Culture Award and Global Startup Award's "Startup Founder of the Year." Tapad was acquired by the Telenor Group in 2016. Telenor Group is one of the world's largest mobile operators. About Centro Centro is a provider of enterprise-class software for digital advertising organizations. Its technology platform, Basis, is the first of its kind SaaS advertising solution unifying programmatic and direct media buying, along with workflow automation, cross-channel campaign planning, universal reporting and business intelligence. It boosts media, team and business performance by enabling advertisers to plan, buy and analyze real-time bidding (RTB), direct, search and social campaigns in a single platform. Contact us today
The concept of identity resolution has emerged over the years as a strategic imperative among marketers and technology vendors. A report by Forrester contends that accurately establishing and maintaining customer identity is one of the most perplexing challenges facing marketers today. Customers have footprints in the offline and online worlds and tend to seamlessly transition across various channels and devices – presenting a unique challenge to truly understand who they are. But the ability to stitch these disparate components of information together means marketers can make better decisions and have more meaningful interactions with their customers. And for customers, this means an experience with personalized advertising content more likely to resonate with them. Why should marketers prioritize identity? The ability to accurately identify customers is the most basic prerequisite for marketing analytics, orchestration and execution. As such, it is becoming increasingly important for brands and marketers planning to link together disparate systems of audience insights and engagement to foster a more seamless and personalized omnichannel customer experience. For example, if an advertiser can identify a customer’s interests, as well as how that person prefers to consume information, then the advertiser can create and deliver messaging that will resonate with the customer. However, like most competitive differentiators, the mission critical components to accurately determine an identity reside within the suite of identity management tools at the marketers’ disposal and the expertise required for proper execution – a struggle for most marketers. But when properly implemented, a comprehensive customer identity strategy can be among a brand or marketer’s most valuable and proprietary assets. Where to begin with identity resolution? With the convergence of CRM platform data, cross-channel online touchpoints, offline record linkage management, probabilistic cross-device graphs, and data onboarding—evolving from point solutions to unified platforms—marketers are faced with an increasingly complex set of challenges in addressing and solving for customer identity management. To properly implement from the get go, and to avoid having to bolt on disparate technologies down the road, emerging industry trends and success stories suggest marketers need a neutral technology service provider that can provide each of these solutions via a single, unified platform. A vendor that can build a solid identity management foundation comprised of omni-channel targeting and attribution, cross-device resolution, online-offline linkage management, and data onboarding form the nexus of a cohesive identity strategy, built to last. Experian helps connect consumer identity As a trusted name in data and information services for more than 40 years, we are committed to privacy by design and the responsible usage and security of data. Whether you’re a brand, agency, or publisher, Experian has the wide-ranging toolset to help you put people at the heart of your business and make better marketing decisions. By harnessing the power of the sum of these parts, fusing both offline and online identifiers and attributes, Experian has established a leadership position in identity management. If you're ready to begin building your identity foundation, contact us and get started today! Learn more about why identity matters to marketers and consumers, here! Contact us today
Partnership Yields Increased Match and Connectivity Rate Through Tapad Graph, acquired by Experian March 27, 2018 — New York, N.Y. — Tapad, part of Experian, is reinventing personalization for the modern marketer and today announced the impactful results of its strategic partnership with Flashtalking, the leading global independent platform for ad delivery, unification and insights. Flashtalking is one of Tapad's most engaged partners, using the Tapad Graph to unify cross-device engagement and identity-driven consumer behaviors for attribution modeling. The company leverages a unique identifier that, in conjunction with Tapad's Graph, provides robust multi-touch attribution solution for its clients. This partnership has resulted in above-industry match and bridge rates for Flashtalking and its customers. Overall, the Tapad Graph yielded a 71 percent match rate with 41 percent of converters engaging on multiple devices, highlighting the importance of cross-device measurement. Tapad’s identity solutions provide Flashtalking with a more holistic view of global engagement. Flashtalking marries ad server log file data with the Tapad Graph to connect all interactions in the consumer journey. This enables Flashtalking to provide more accurate and impactful cross-device attribution, which ultimately enables better optimization. These achievements have led to recognition of Tapad and Flashtalking’s work by the I-COM Global Forum for Marketing, Data and Measurement. “Tapad allows us to understand user engagement across devices and platforms at both the household or individual user level, which is extremely beneficial when providing marketers with true path to conversion and attribution,” said Steve Latham, global head of analytics at Flashtalking. “Since our relationship began, we’ve successfully leveraged Tapad data to provide more accurate, actionable insights that have helped numerous brands achieve substantial gains in media effectiveness.” Flashtalking client Michael Lamontagne, SVP of analytics and CRM at 22squared says “We are big believers in using cross-device insights to improve our campaigns. Flashtalking has been a strategic partner in the pursuit of that goal. By incorporating the Tapad Graph, Flashtalking delivers powerful insights into user engagement and media attribution across browsers and devices. Of equal importance, their bundled solution makes it easy and efficient, saving our team countless hours of busy work.” “Our ongoing work with Flashtalking has had a significant impact on the accomplishments we’ve achieved,” said Chris Feo, SVP, strategy & global partnerships at Tapad. “Being able to grow with a dedicated partner that leverages our proprietary technology in unique ways has helped us uncover the global impact our services can have on a business. We’re proud to drive success for Flashtalking’s clients on a global scale.” Contact us today