[May 25, 2022, Hangzhou] Recently, Whale Strategy passed another authoritative information security certification and was approved and issued by the Ministry of Public Security with the "National Information Security Level Protection Level Three certification" (hereinafter referred to as: ISO27001, ISO27701 and "ISO27701" certification of SaaS software service provider in MarTech industry.
With the increasing number of Whale strategy clients, in order to provide more rigorous protection, Whale Strategy takes the initiative to adopt internationally recognized authoritative standards to impose stricter requirements and norms on itself. What it advocates is from active compliance to the formation of compliance culture within the enterprise, and gradually turn the compliance operation ability into a kind of market competitiveness.
What is "equal Guarantee Level 3"?
Information security level protection certification is a fairly authoritative information product security level qualification certification, by the public security organs in accordance with the national information security protection regulations and related system provisions, in accordance with management norms and technical standards, the information system security level protection status of each organization is recognized and assessed.
Among them, "National information security Level protection Level three certification" is the national advanced certification for non-bank institutions, belonging to the "supervision level", by the national information security supervision department supervision, inspection, certification evaluation content covers 5 levels of protection security technical requirements and 5 security management requirements. It includes nearly 300 requirements, including information protection, security audit, communication confidentiality, and a total of 73 categories of assessment. The requirements are very strict.
To pass the information system security "Level 3 protection" certification, you need to:
Technically: the assessment includes physical security, network security, host security, application security, data security and backup and recovery.
In terms of management: strictly audit the security management system, security management organization, personnel security management, system construction management, system operation and maintenance management, and examine the enterprise's response to malicious code and hacker attacks, as well as the ability to respond to security vulnerabilities and security events and quickly recover the ability.
"Three levels of equal protection" for consumer information security escort
The "equal protection Level three" certification indicates that Whale strategy has reached the national standards recognized by public security organs in the construction, operation, maintenance and application of network architecture, information system and big data, as well as its security management system and security protection technical measures. Whale's security protection level is in a leading position in the market, and it can provide users with reliable and compliant services.
As a professional comprehensive digital marketing operation platform in China, Whale Strategy has already deeply imprinted the consciousness of "protecting consumer information security" into its gene in all aspects of data insight, industry analysis, product design, scheme output, etc. The professional information security team is responsible for the overall prevention of hacker intrusion prevention, data security and information security management. This time, through the "equal protection level three" certification, means that the user information security protection is upgraded again, for the stable and sustainable operation of the brand digital and business development to provide solid and reliable support.
Whale is in action to protect information security
To assist brand clients in being more responsive to national policies regarding data compliance, Whale's "Privacy Compliance Platform" was launched. As a data privacy management platform for customers, this platform can realize data collection and management, which can not only make customers' applications comply with personal information protection law, increase users' trust, but also improve product transparency. Taking into account the security of user information and the full use of data value, it strictly protects consumer information from the three aspects of information collection, information storage and protection, and information use.
In the future, Whale strategy will continue to be technology-driven and serve the brand in accordance with legal and compliant requirements, so that user information security and data can leverage brand growth in a balanced and symbiotic way. At the same time, it will adhere to the practice of corporate social responsibility, and help the construction of privacy protection and information security industry.
