NATIONAL HARBOR, Md., June 4 /PRNewswire/ -- Verizon Business customers now can get an even better handle on the effectiveness of their security programs.
At the Gartner IT Security Summit here Wednesday (June 4), Verizon Business announced significant enhancements to its already robust Security Management Program (SMP). These include incorporation of the ISO 27002 Code of Practice for Information Security Management as the basis for evaluating customer security programs and the launch of a new at-a-glance Web-based dashboard that enables organizations to immediately assess the status of their compliance efforts across an expanded set of standards.
The internationally recognized and publicly vetted ISO 27002 information security standard includes 133 security controls used to safeguard the integrity, confidentiality and availability of critical company data. The Security Management Program had previously evaluated customer security controls primarily against best practices determined by Verizon Business.
"Incorporating the ISO 27002 standard into our Security Management Program significantly raises the bar for an already prestigious and rigorous program," said Kerry Bailey, vice president of Verizon Business Security Solutions. "Embracing this key standard will enable our customers to even better manage risk and complement their compliance efforts - a critical concern for security executives around the globe."
With ISO 27002 as the basis of SMP assessment activities, businesses will be in a better position to demonstrate support to third-party auditors and other external parties such as partners and vendors. The highly advanced dashboard also can assist customers in providing auditors with measurable results using the program's detailed findings and trend-analysis features.
This version of SMP is available immediately to customers in the United States, as well as in many countries in Europe and Asia-Pacific.
New Dashboard Offers Convenience, At-A-Glance Scorecard
Verizon Business' newly enhanced dashboard uses a comprehensive scorecard to provide a holistic view of how a customer's security controls align with the requirements of multiple regulations such as the Gramm-Leach-Bliley Act (GLBA) and Health Insurance Portability and Accountability Act (HIPAA), as well as security standards specific to a customer's industry.
As a result, customers can conveniently view all of the relevant security compliance initiatives from a single view versus searching through multiple views for information on other security standards or different locations. The dashboard also enables customers to leverage similar security compliance activities across multiple standards to reduce duplication of compliance efforts.
Verizon Business is also expanding its support for additional industry standards and regulations, including the Payment Card Industry Data Security Standard (PCI DSS) 1.1, COBIT 4.1, BITS AUP 3.0, North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Federal Financial Institutions Examination Council (FFIEC).
SMP Offers Active Approach to Information Security
The Verizon Business Security Management Program takes an active approach to mitigating risk by reviewing customer information security measures across a broad range of security needs, from network and system analysis to security policy inspection. Customers can pursue the prestigious Cybertrust Perimeter and Enterprise Certifications, which demonstrate a strong commitment to information security by providing assurance that an organization's information security controls, policies and procedures have been examined, measured and validated against a stringent set of SMP control standards. The certification must be either maintained or renewed annually by customers. Of the more than 1,000 businesses and government agencies whose information security measures have been reviewed under the program, only about half earn the certification.