| |||||||||
| |||||||||
Current Filter: Security>>>>>> Raising the Standards Editorial Type: Industry Focus Date: 03-2014 Views: 2349 Key Topics: Security Asset Management Certification Data protection Cyber-Attack Key Companies: ADISA University of South Wales Key Products: Key Industries: | |||
| Launched in 2010, the Asset Disposal and Information Security Alliance (ADISA) has been busy working with a range of companies involved in recovering ICT assets to decrease the risk associated with data loss. So who are ADISA and why should it care? With an ever-increasing focus on data protection, all potential vulnerabilities are being assessed. The business process of asset disposal is viewed by many as being simple, beneath them or even irrelevant. However, while cyber attacks may happen, all data carrying assets at some point will be retired. And unless the data on each media type is suitably sanitised, there is very clear potential for a data breach. Those companies that provide asset disposal/recycling, brokerage or logistics services operate in a largely unregulated industry and, while there are many innovative and professional companies, the quality and ethics of companies can vary dramatically. Business end users are left unsure who to entrust with their reputation and brand when disposing of assets. This doubt is further exacerbated by a desire from end users to maximise financial return from old infrastructure, resulting in sourcing decisions, more often than not, being heavily weighted on financial reasons, rather the service quality.
CHANGING LANDSCAPE Furthermore, the changing data protection law is redefining the relationship between a data controller and data processor. This subtle, but significant transformation sees a legal liability now being shared between controller and processor, which makes choosing a partner even more important.
ADISA INDUSTRY STANDARD Thanks to this audit process, it is essential that ADISA members are fully committed to not only achieving certification, but maintaining and, for many, exceeding it. Their vigilance is necessary, as to date three companies have been removed from the programme and others have been suspended, due to issues found at audit. This approach has seen the programme formally recognised by the Defence InfoSec Product Co-Operation Group UK (DIPCOG). This is a UK Ministry of Defence (MoD) forum run by a committee comprised of representatives primarily from the MoD and CESG.
WORRIED? To see if your partner is certified or to register for a free webinar to learn more about ADISA, visit: www.adisa.org.uk. | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |