BUSINESS STANDARDS
is the quarterly magazine of BSI Group, highlighting the vital role that standards play in today's business environment. Regular features include interviews with leading business figures, as well as news on the latest developments in management systems and standards.
Numerex: information in safe hands
03 Jun 2008
Topics: Information security, ISO/IEC 27001, USA
In January 2008, Numerex Corp became the first machine-to-machine (M2M) information security provider in North America to earn certification ISO/IEC 27001:2005, the international standard for information security, ensuring data confidentially, integrity and availability. Numerex Corp provides solutions and network services for data communications between machines.
According to Stratton Nicolaides, chairman and CEO of Numerex, the certification is a critical milestone in Numerex's history and for the M2M industry across the board. Achieving ISO/IEC 27001:2005 confirms that the company is responsive to the emerging market needs in the transport and processing of M2M data and holistic M2M security best practices, he said in the company's formal announcement of the certification.
Customer needs
Numerex pursued ISO 27001 certification for three primary reasons, according to Alain Louchez, vice-president of strategic management for Numerex.
"The first reason was validation," he says. "Numerex wanted to be able to demonstrate to the world that its information security framework had received the stamp of approval by the international community and that an outside, third-party had made the assessment."
Numerex also sought certification because it was responding to the increased market requirements in terms of better protection for information: "When you look at major trends in our industry, information security is certainly one of the most important ones," Louchez explains. "Strengthening our information security through certification help us meet these growing requirements."
The last significant reason for pursuing ISO 27001 involved market distinction: "Numerex wants to differentiate itself from its competitors," he says. "We are building a trusting relationship with our customers, and obviously, we think ISO 27001 can help us to engender that faith and confidence."
Although the certification was just recently issued, Louchez says the company has already experienced added value from ISO 27001: "We strive to promote an excellent relationship or rapport with our clients, suppliers, and partners, and ISO 27001 helps us achieve that."
Numerex has benefited from the process of getting certification, he adds, noting that implementing the Information Security Management System (ISMS) has significantly helped the company in its daily activities. Through the implementation process, Numerex has developed a system in a very orderly fashion that will bolster the company's ability to better meet its customers' needs.
"We are using numerous well-tailored control objectives that contribute to shaping a very efficient environment," he says.
For example, Numerex "has woven into its IT screening the ISO 27001 perspective," noting that ISO 27001 provides the backbone that allows Numerex to do an effective and efficient job.
Louchez points out that Numerex has approached its implementation in phases, using the ISO 27001 management system to tightly structure the IT focus of the organization.
"We are the company that offers the broadest choice of secure M2M network services and solutions... ISO 27001 further supports this point," Louchez concludes.
Business Standards © 2008. Editorial produced by Caspian Publishing in association with the British Standards Institution. Editorial opinions expressed on are not necessarily those of BSI Group or Caspian Publishing. Neither Caspian Publishing nor BSI Group accept responsibility for advertising or editorial content, nor for that appearing on linked third-party websites. Reproduction in whole or in part is forbidden without written permission from BSI Group or Caspian Publishing.
The London European Partnership for Transport (LEPT) has engaged BSI British Standards to develop a new Publicly Available Specification - PAS 500 - for travel plans, designed to encourage more environmentally friendly transport.
Global BCM accreditation for BSI
BSI Management Systems has become one of the first organizations to be independently accredited to deliver global certification against BS 25999, the business continuity management standard.
Are you "Fit to supply" 2012 Olympic Games?
Business Link, the support and networking agency funded primarily by the Department for Business, Enterprise and Regulatory Reform (BERR), is working with BSI to help companies in their goal to win contracts for the 2012 Olympic Games.
BSI British Standards and the independent authority Public Concern at Work have launched PAS 1998:2008, new guidance for organizations on whistleblowing arrangements. The launch marked the tenth anniversary of the Public Interest Disclosure Act (2 July 2008), itself recognized as an international benchmark on the subject.
Elaine Westwood, founder and CEO of The Glassworks - one of the largest glass processors in the Midlands area - was named The Midlands Business person of The Year' 2008 at the inaugural Midlands Business Awards.
Question: Can standards really help minimize the need for regulation?
Regulation and legislation keep business on a level playing field and help mitigate against risk, as was acknowledged by The Hampton Review in 2005.
Have a standards-related question for BSI or a comment on the website? We'll find the right person to answer.
