ISO 27001 Annex A 8.5 is about secure authentication, which means you must have a system to handle how people authenticate based on access restrictions and the access control policy. What Is Secure Authentication? Authentication means you prove your identity. We need to be certain that you are the person asking for access. Authentication is the […]

ISO 27001 Annex A 8.4 is the rule about access to source code, which means a company must have a system to control access to source code, development tools and software libraries. What is ISO 27001 Annex A 8.4? The latest version of the ISO 27001 standard is ISO/IEC 27001:2022 (published in October 2022). In the ISO/IEC 27001:2022

ISO 27001 Annex A 8.3 is about information access restriction, which means you must have a system to handle to restrict who can access information and IT systems. What Is Information Access Restriction? The best way to keep your information safe is by using access control and limits on who can see data. Its main

ISO 27001 Annex A 8.2 is about privileged access rights, which means a company must restrict access to privileged accounts and manage them. What are Privileged Access Rights? There are users that will be granted privileged access such as administer (admin) accounts, super user accounts, global admin accounts and even service accounts. ISO 27001 Privileged

ISO 27001 Annex A 8.1 is about User End Point Device Security. This rule says that an organisation must create and follow rules to control devices you use to connect to your systems and data. What is User End Point Device Security? Endpoint devices are the equipment you use to do your job, and you must

ISO 27001 Annex A 7.14 is a simple rule. You must safely get rid of old equipment. If you reuse equipment, you must wipe all data first. Make sure the data cannot be brought back. This rule focuses on how you get rid of or reuse your hardware. You must protect the data on the

ISO 27001 Annex A 7.13 is about maintaining your equipment following all guidance. This keeps it working and keeps your data private and safe. The main idea for this control is simple: You should maintain equipment as the maker suggests. This stops equipment from breaking or getting damaged. Equipment maintenance means you must care for

ISO 27001 Annex A 7.12 Cabling Security is a simple way to protect your vital cables. This control helps you make sure nobody damages or interferes with your cables. It also stops people from using your cables to intercept your private communications. Both power and data cables can be easily damaged or tapped into. To

ISO 27001 Annex A 7.11 is a simple control. It asks you to check important services like power and internet. You need to plan what you will do if these services fail. This ISO 27001 control helps keep you safe from a break in your utilities, such as power or water. What is ISO 27001

ISO 27001 Annex A 7.10 is about the full life of your storage media. You must manage media from its first use to its final destruction based on how sensitive the information is. ISO 27001 Annex A 7.10 protects your storage media from harm. What is ISO 27001 Annex A 7.10? The latest version of