10/18/2018

October is National Cyber Security Awareness Month. Now in its 15th year, this annual initiative has been focused on creating a “collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online, while increasing the resiliency of the Nation during cyber-threats”.

Each week of the month is dedicated to education around a different security topic. Week two is focused on learning about the risks, the advantages and the differences between compliance and security.

Compliance: A set of controls or framework determined by governmental, non-profit or industry groups that serves as a blueprint for the security of data. The regulatory organizations that govern compliance standards issue them as a minimum bar for security. Enforcement is established through audits or assessments that are either self-administered or coordinated by a third party.

Why is compliance important?

  • Builds and maintains trust with your clients and drives new business
  • Helps define why people should do business with you
  • Helps define how you do business
  • Enhances consistency within your operations which in turn reduces errors

Security is the collection of administrative processes, and technical and physical controls that safeguard data. Effective security requires threat identification and proactive protections, as well as active monitoring and analysis of the multiple layers of environments.

What security measures are there?

  1. Physical
    1. Access Controls
    2. Video Surveillance
    3. Environmental
  2. Logical
    1. Passwords
    2. Firewalls
    3. Data Encryption
  3. Social Engineering
    1. Awareness
    2. Training
    3. Limited Information

So, why do we need both compliance and security?

Despite their differences, both are essential for processing, hosting and managing sensitive regulated data. You should be:

  • Making security and compliance part of regular operations
  • Making risk assessment an ongoing process, not a once-a-year exercise
  • Regularly reviewing and auditing your internal controls and processes

Security must be your foundation.

Being either secure or compliant doesn’t mean that you are covering both bases. Checking off all your compliance boxes won’t cover all your security needs. To be both secure and compliant you need a holistic approach to security management. If you have an effective security strategy you will, consequently, end up
