NOTE: In 2018 the UK’s Data Protection Act was revised to reflect GDPR Requirements. The below information may have been updated. The 1998 Data Protection Act sets out the legal obligation of those who handle personal data. In Schedule 1,…
Although this is a United States federal law, UK and european companies trading with American entities should be aware of the requirements, as they may impact compliance with the Act. The law was driven by corporate and accounting scandals, causing…
Power Usage Effectiveness (PUE) and Data Centre Infrastructure Efficiency are measures of the energy efficiency of a data centre. Although they are essentially the same, they are used to illustrate efficiency differently. They compare the amount of energy used to…
An Information Security Management System (ISMS) that meets the requirements of ISO 27001, can also help an organisation comply with other industry-specific standards. For example, the Gambling Commission, which regulates commercial gambling in the UK, requires ‘gambling software and remote…
Having implemented ISO 27001 Information Security Management Systems, and spoken to others who have, there is a group of controls from Annex A that seems to be regularly excluded. A10.9 Electronic Commerce Services, has the objective “To ensure the security…
The use of comparison websites to search for products such as car insurance and mortgages could make personal data extremely easy for 3rd parties to access. It is because the method of retrieving stored quotations on these systems often requires…
Do you know if there is a weakness in your network? The answer is no. If you knew about it, you would have had it fixed by now. Denial of service (DDoS) attacks have recently hit the news, after a…
Using the OHSAS 18001 framework as the basis of your occupational health and safety management system can lead to many benefits including: – A Reduction in accidents and incidents. – Lower insurance premiums. – An advantage when responding to tenders.…
All FSA regulated firms could benefit from certification to the ISO 27001 standard. Data security is a requirement of the FSA and in their document “Data Security in the Financial Sector – Firms’ controls to prevent data loss by their employees…
