Are you app ‘
appy or app fatigued? …Forget multiple tools, now there is just one place to get all your information security, data privacy, and compliance work done well.
For every App I download I’m aware of the security risks. On top of that, there’s the responsibility to ensure they are kept updated with the latest versions.
The recent major vulnerability found in the WebEx browser extension*, that caused Google and Mozilla to remove it from their web stores, was a case in point. Whilst, strictly speaking, it’s an Extension rather than an App, there
Thankfully, with this recent vulnerability, our trusty team of experts at Alliantist quickly identified it and, equally as quickly,
Of course, we all rely on App’s to help us get our work done well.
Downloading from trusted suppliers like Google and Cisco is one thing, but in many cases, we have only product reviews and download numbers to reassure us of its’ credibility. Even then there is no guarantee that the best security processes have been followed in product design.
And, it doesn’t end there! There’s a vast array of software tools to help us all perform multiple functions and even external resources we download or open to help us.
All this validation and updating is time-consuming stuff so you better be sure of the products’ value in making your life easier!
So, what’s the solution?
Limit the number of Apps, Extensions and external resources you download or open by carefully choosing products that give you multiple tools to get your job done well.
Choose products from trusted sources and, where possible, look for credibility in the form of externally accredited systems. Something like a UKAS (ANAB for the US) ISO 27001 information security standard includes auditable policies on security in the system development and support processes.
Ensure regular reviews and ‘pruning’ of Apps and Extensions no longer in use. If you’ve obtained Cyber Essentials then you’ll know this forms part of basic cyber security requirements.
Have a system in place for identifying and effectively managing and communicating vulnerabilities.
Ensure your chosen solution includes automatic updates that will fix identified security vulnerabilities.
An accredited, multi-tool for information security management
Whilst there are various products available to perform one or some of the functions or requirements of an
Now there is one secure and integrated cloud solution for getting all your work done easily and effectively in one place –
At Alliantist we have a strong heritage in information security. Our company, products, and services are all ISO 27001 UKAS accredited. It means we consider security within all our design and production processes. We manage information security throughout our supply chain. Key suppliers, such as our data-centres hold the same or equivalent standards as us.
ISMS.online has such rich functionality, tools,
‘Policies & controls’ – no need to download or open external ISO 27001 toolkits, UKAS accredited policies are already included in ISMS.online.
‘Groups’ – for simple sharing and communication. Create as many user groups as needed, the entire
‘Projects’ – for structured change and complex collaboration. Limitless opportunities to use or adapt pre-built templates such as ISO 27001, GDPR, NIST,
‘Tracks’ – for tracking simple work with a consistent process. Great for you and your team to
‘Accounts’ – for effective supply chain management. A private and secure place to collaborate with colleagues around managing key supplier or customer relationships. Hold important, information security relevant, information such as contracts, SLA’s, key contacts including Data Protection & Privacy Officer details. Set KPI’s, evidence contract reviews and manage change, all from one place.
‘Tools’ – to support good decision making. We’ve taken risk management way beyond the humble spreadsheet and included tools for ISO 27001 Confidentiality, Integrity, Accessibility (CIA) Impact and Likelihood analysis, applicable legislation and interested parties management. Everything you need to identify, evaluate, treat and evidence risk without managing a single spreadsheet…unless you want to download reports of course!
Integrating your ISMS in one secure and accredited place makes sense. Save time in selection, access one single environment to get all your work done well, reduce duplication and repetition. Collaborate with team members, engage staff and plan for continual improvement.
We’ll take care of the system security and updates, allowing you to focus on securing yours.