Power your Marketing.

Two technical professionals examining server in server room with laptop, running diagnostics and problem-solving.

Ongoing Security Training Helps Us Stay Sharp

John Sobieck

Year-end is a time for all of us, regardless of industry, to take stock of how our departments and companies have performed over the past 12 months. This includes reflecting on new achievements, such as IWCO Direct adding SOC2, a report on the implementation and efficacy of controls, to our certification roster.

Our SOC2 report comes on top of our existing security accreditations that include:

  • ISO 27001:2013 – the framework for our security program;
  • PCI DSS – focused on protecting credit card data; and
  • HITRUST – focused on protecting health care data.

Security is an Everyday Commitment

A year-end review also means looking at every aspect of your program, even those that are performing well, to identify areas where you can be even better. While our Information Security team will certainly be joining in this time of reflection, it will be as part of the everyday commitment that is required to deliver effective security.

We often point to our certifications as evidence of a strong security practice, but it’s important to note that attaining and maintaining them is not a matter of being successful at just one point in time. Information Security requires monitoring, analysis, and improvement not just at audit time or year-end, but continually, every day of the year. From new certifications and improved tools to enhanced testing and focused training opportunities, improvements to a security program can take any form and occur any time they are needed.

Training Supports the Security Journey

In addition to adding SOC2 this year, another example of how we’ve improved our security practices is by adding more training. While annual security awareness training is great, employees can always benefit from additional security training. The Information Security team has developed enhanced, focused training on some of the most pressing issues in security today, such as social engineering and incident response. It’s another way we foster the “security is everyone’s responsibility” and “security is a journey” ethos within every part of the organization so that we can be “audit-ready” every day of the year.

The daily goal of our security program is to protect our data and the data of our clients. To do this, we take input from our clients throughout the year on ways to improve and invariably become stronger every year due to our clients’ insights.

Want to know more about IWCO Direct’s commitment to deliver effective data security? Contact me here.

link https://www.iwco.com/blog/2019/11/22/data-security-training/
John Sobieck

Author

John Sobieck

Security Analyst with a BFA from Bemidji State University. Believes great work is accomplished by great teams and integrates that belief into everything he does at IWCO Direct. When not focused on data security or practicing Tae Kwon Do, this born traveler can be found exploring Minnesota’s North Shore.

More Posts by John

Subscribe

Subscribe to SpeakingDIRECT to have new articles delivered to your inbox as they post. We promise to keep it fresh and interesting.

IWCO Direct Introduces C-Stream℠ and Revive℠ Promotional Card Substrates for More Sustainable Direct Mail CampaignsRead News
keyboard_arrow_upBack to top