More and more companies around the world are using cloud solutions to run their applications and software or to store their data. But what about cloud compliance?
The democratisation of the cloud is not surprising as it provides access to virtual data storage where companies no longer need to buy or maintain their own IT infrastructure.
However, with cloud solutions, the security of user data should not be overlooked. There are cloud certifications and regulations that can help you in your choice.
Companies using or wishing to use a cloud solution should inform themselves about the security and privacy policies and practices of the provider. Personal, financial or other sensitive information may be subject to strict regulations.
However, data protection regulations differ from one jurisdiction to another. The aim of these regulations is to ensure that customer data is protected and used in a transparent manner.
In Europe, the General Data Protection Regulation (GDPR) applies. This regulation contains a series of rules on the rights of individuals to know what sensitive data companies collect about them and how companies store and process that data.
Recently, Canada passed the Personal Information Protection and Electronic Documents Act (PIPEDA).
In Quebec, Bill 64 will come into force in September 2022. Once in place, businesses will have up to one year to comply with the Modernization of Personal Information Protection Legislation Act. Although there is legislation at the federal level (PIPEDA), since the provincial legislation is similar to the federal legislation, Quebec will be exempt.
The United States has not yet adopted PIPEDA-type regulations. However, several states have adopted privacy laws. California, for example, has the California Consumer Privacy Act (CCPA). It grants consumers rights related to the collection, use and sale of their personal data. The CCPA will become the California Privacy Rights Act (CPRA), which imposes a series of new obligations with which organisations must comply.
China has adopted the Personal Information Protection Law (PIPL), which is considered one of the strictest in the world because of its fines and its extraterritorial effect.
There are various cloud certifications for data security. They can guide you in the choice of your cloud solution.
Organisations with ISO 27001 certification are recognised by international standards as taking the necessary steps to provide a secure service. It gives you the assurance that the cloud solution is secure and that measures are in place to ensure risk management.
In France, the SecNumCloud qualification is awarded by the ANSSI, the French national agency for IT security. It certifies that the highest level of IT security has been achieved.
SOC reports issued by the American Institute of Certified Public Accountants (AICPA) are essential to monitor the data protection measures in place. They inform clients of the internal controls that are in place so that they can assess the risks associated with using an outside service. The most common SOC reports are SOC 1 and SOC 2.
The SOC 1 report attests to the compliance of systems used for financial transactions by demonstrating that internal controls are in place over the way you handle financial information. The SOC 2 report attests to compliance and operations, particularly with regard to cloud computing and data security.
There are also two types of SOC report (Type I and Type II). The difference between the two is that in a Type I report, the report issuers test a control to confirm your description, whereas in a Type II report, they test the effectiveness of your company’s controls.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all businesses that process, store or transmit credit card information maintain a secure environment.
Hector inventory management software is a cloud-based solution that meets the highest industry standards:
With the pandemic and the management of telework in companies, cloud solutions are more desirable than ever, as they allow employees to access company data and documents from home.
Before choosing a cloud solution, it is important to check whether it complies with regulations and whether it has security certifications.