Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

IT Security Standard Certification

  • 13-09-2007 01:20PM
    #1
    BlueSpud
    Registered Users, Registered Users 2 Posts: 302 ✭✭


    Does anyone know of any well recognised industry standard for certification of IT security standards, for a small company of say 5 employees, without money to spend. ISO I believe is out of the question cos to takes oceans of time. I am looking for something more appropriate to scale. We have a few servers on our network and desktops.


Comments

  • #2
    constellation
    Closed Accounts Posts: 89 ✭✭constellation


    Do you want to certify the company or the employees? If the former, will it actually help the business - i.e. increase profits?


  • #3
    BlueSpud
    Registered Users, Registered Users 2 Posts: 302 ✭✭BlueSpud


    I want to certify the company, i.e. that we follow some recognised policies etc. It is one of those tick boxes in tendering.


  • #4
    CptSternn
    Registered Users, Registered Users 2 Posts: 1,530 ✭✭✭CptSternn


    Microsoft offers MCSE: Security certs, but thats for employees. There are security certs you can get to verify your website is secure from Thawte and a few other companies, but as far as certifying that your whole company meets a certain standard, I have yet to hear of such a standard.

    The main problem being - how can you certify your company of 5 or so is meeting a security standard if the employees themselves don't have any security certs.


  • #5
    quinta
    Registered Users, Registered Users 2 Posts: 112 ✭✭quinta


    The only really recognised one for security frameworks/standards etc is ISO27001 - It will require a spend though as will any certification process you go through.


  • #6
    han68
    Registered Users, Registered Users 2 Posts: 42 han68


    We achieved ISO27001:2005 accreditation after about 6-8 months of work, but it will indeed cost you (apart from the effort).

    Certification Europe has info (and courses) regarding ISO27001 certification

    http://www.certificationeurope.com

    And no, I do not work there :)


  • Advertisement
  • #7
    BlueSpud
    Registered Users, Registered Users 2 Posts: 302 ✭✭BlueSpud


    thanks for all the input guys. The MCSE for employees might be a flag worth flying.


  • #8
    mick.fr
    Closed Accounts Posts: 1,974 ✭✭✭mick.fr


    Your company can become a Microsoft partner certified in Security.
    You need one guy certified MCSE: Security, another with any security certification (MCP security) or other vendors as well.
    Plus you will need 3 customer references regarding security.


Advertisement