geoAMPS BLOG

Land Rights & Infrastructure Asset Management Software

All Posts

How to protect your organization against hacking

hacking-two-blog

In June 2015, a federal investigation began into a data breach that may have compromised the personal information of some 4 million current and past federal employees. Premier Blue Cross reported that in January 2015 hackers stole 11 million records, including credit card numbers, Social Security numbers and email addresses. Home Depot said in 2014 that 56 million credit card numbers and 53 million email addresses of customers had been stolen. There have been other recent victims of cybercrime: Anthem, Sony, JPMorgan, EBay and Target.

Incidents of hacking have dominated the news of late. Whether the suspects are individuals or foreign governments, the criminals are creating uncertainties and nervousness within the global community that is becoming increasingly dependent upon the Internet for storing information, commerce and communication.

That is why each new report of a data breach is so unsettling. In January 2015, Neiman Marcus reported a card hack of debit and credit card information of in-store customers. The investigation determined that 350,000 customers were affected, their data stolen after malicious software was installed onto the store’s system that collected payment card data.

Hopefully, as such incidents of hacking become more worrisome, improved methods of detection, prevention and targeting the perpetrators will result in less hacking.

At geoAMPS, we’ve already taken steps to protect the information of our organization and clients, all stored in Web-based database systems.

When considering Web-based software be sure to look for certifications such as providers that use SAS 70-secure facilities with multiple layers of security, including role-based access, password and physical controls of server locations.

Newer compliance standards also include Service Organization Controls (SOC) 1, 2 and 3, SOC that go a step further, looking at such items as:

• Is the Web system protected against both physical and logical unauthorized access?

• Is the system processing complete, accurate, timely and authorized?

• Is the information designated as confidential and, if so, is it protected?

• Is personal information used, retained, disclosed and disposed of in accordance with criteria set forth in Generally Accepted Privacy Principles (GAPP) issued by the AICPA and Canadian Institute of Chartered Accountants?

When considering where to store data on the Web or do business with vender organizations be sure to look for the above information and ask the questions that will lead you to the best decision for your organization.

• Compliant with SAS 70, SOC 1-, 2-, and 3-like standards?

• Are hacking (AKA, penetration) tests conducted regularly?

• Is the system backed up in a different physical location?

• Is data encrypted both in transit and at rest?

• Is the system security role-based, limiting access to job functions?

Customers understandably want to know that they can trust their data center provider to meet the most rigorous control standards, requiring accountability and transparency. To meet those concerns the American Institute of Certified Public Accountants created a “Statement of Auditing Standards” certification termed SAS 70. The advanced certification gives customers the assurance that their data center provider has effective controls in place for managing the design, implementation and execution of customer information.

Want to learn more about geoAMPS products and services? Call us at 614-389-4871 or visit our website, www.geoamps.com

Dan Liggett is Communication and Public Relations Consultant at geoAMPS.

Related Posts

geoAMPS celebrates 4 years in India !

geoAMPS is a software solution built for managing land rights and assets. We are spread across 10 industries which include Oil & Gas, Alternative Energy and Transportation. We are currently serving clients throughout the United States, Canada and India. geoAMPS has a tightly-knit team of professionals who work together to bring to their clients the best-in-class service.

  • 2 min read
  • Wednesday, April 10

Make Renewable Energy Projects Successful with Contract Management

Escalating climate change, sustainability, energy costs, and resource depletion. These are a few reasons to why the renewable energy industry has been expanding swiftly for the last decade or so. Because of their nature, renewable energy projects face many threats and challenges. However, contract management can help reduce some of these threats.

  • 2 min read
  • Thursday, March 7

geoAMPS Hauls In 4th Consecutive Healthiest Employer Honor!

geoAMPS Employees compete in the annual Field Day competition, July 2016