The Intersection of Information Security, Digital Signage, and ISO 27001
Intuiface is working on becoming ISO 27001 certified. Why bother? It is because the world of digital signage and information security haven't just crossed paths. They have linked arms and will forever be inseparable.
Intuiface is working on becoming ISO 27001 certified. That intimidating mix of letters and numbers refers to the global standard for an information security management system, or ISMS. The goal of an ISMS is to ensure data confidentiality, integrity, and availability. It's a lot of work and will have taken Intuiface a full year to prepare for and pass the final audit scheduled in February 2020.
Why bother? It is because the world of digital signage and information security haven't just crossed paths. They have linked arms and will forever be inseparable.
To illustrate why, we can approach this from one of two perspectives:
- From the perspective of enterprises deploying digital signage.
Intuiface is an exemplar of the broader trend to introduce signage that is intelligently aware of its users and surroundings. The objective of this sensitivity is to create (hyper)personalized experiences that draw on corporate knowledge, creating sticky, highly effective deployments which - in turn - generate useful data for business insight. None of this is possible unless the enterprise can find a way to provide access to its back office while, at the same time, protecting the information it contains and the privacy of individuals represented by that data. This can only be achieved through a formal process that protects data all while sharing it. That's the role of the ISMS and the reason ISO 27001 certification has grown in prominence. In fact, all enterprise cloud hosting options, like Amazon, Microsoft, Salesforce, and Dropbox (to name a few), are already ISO 27001 certified. This move is trickling down to any organization hosting third party data.
- From the perspective of integrators and digital signage providers
To deliver personalized experiences, Digital Signage integrators and vendors inevitably sense, access, manipulate, display, collect, and write private information. If, as noted above, enterprises are self-tasked with improving information security management, service providers and vendors will have to comply with those same requirements if they'd like to do business. Take Intuiface, for example. We provision and facilitate experience storage, analytics data collection, and license management. More and more often, we are receiving 100+ question inquiries used to establish the extent to which we secure data and how well our approach complements a prospect's requirements. Upon receiving the questionnaire we are told, "As an alternative to completing the questionnaire, simply provide your ISO 27001 certification credentials." Certification is an insurance policy, guaranteeing a modern, reliable approach to data security.
Although it sounds arcane, ISO 27001 is going mainstream. It is morphing from extravagance to table stakes, the minimum necessary for an integrator or Digital Signage vendor to offer its services to security-aware enterprises. Compliance is thus technically optional but, in practice, obligatory. The good news is that compliance doesn't just introduce a set of best practices from which any organization could benefit, it also reassures enterprises that their vendors can be a trusted partner.
Now you see why Intuiface is working on becoming ISO 27001 compliant! Yes, it's a lot of work, but the payoff is tremendous. And we get a cool certificate that we'll put in a nice frame.
Interested in further details? Let us know!