point

• Are file servers a breeding ground for ransomware and internal fraud?
  This carries many risks, such as inappropriate access rights and insufficient backup measures.
• Why you should consider cloud storage
  This enables flexible access, improved cost structures and high levels of security.
• Strengthening document management by combining SecureNavi and Box
  Increase efficiency and security with cloud-based tools.

table of contents

• Introduction
• Obstacles to overcome in order to obtain ISMS certification [Information asset protection]
• Strengthening document management by utilizing cloud storage
• summary

1. Introduction

We believe that obtaining ISMS certification is a shortcut to improving security and governance. If you can organize the three elements of information security explained in the first part, "confidentiality," "integrity," and "availability," you will be meeting not only your own company's unique policies, but also policies common to all companies, which will increase your company's credibility externally. For this reason, more than 8,000 companies in Japan have obtained ISMS certification.

It's okay even if it's your first time! We'll show you how to get ISMS certification in the shortest time possible (Part 1)

In this article (Part 2), we will focus on the protection of information assets that you will face in the process of obtaining ISMS certification, and we will go into detail about the challenges and countermeasures, as well as cloud storage "Box" for safe and effective document management. Please read this article for practical tips to further strengthen your company's security measures.

2. Obstacles to overcome in order to obtain ISMS certification [Information asset protection]

There are 10 items related to information asset protection in ISMS certification (ISO27001:2022 Annex A Management Measures), including information assets and information management, access rights management, identification information management, and authentication information management.

Documents of all formats, including Word, Excel, and PowerPoint, range from highly confidential to general information, and it is important to continually consider how to store these, prevent information leaks, and monitor them.

• Are file servers a breeding ground for ransomware and internal fraud?
  In traditional operations, file servers have been widely used, but there are issues with this. For example, inappropriate access rights are maintained, antivirus measures are insufficient, and backup measures are lacking. As a result, file servers are prone to becoming breeding grounds for ransomware and internal fraud. Ransomware is malicious malware that encrypts files, making them virtually unusable, and demands a ransom for their release. Internal fraud occurs when employees with legitimate access rights leak information or gain unauthorized access. These security risks put a company's information assets at serious risk.

3. Strengthening document management by utilizing cloud storage

Cloud storage is becoming a common solution to the security risks of file servers that we have discussed so far. This time, we will introduce "Box," a cloud storage service with unlimited capacity designed specifically for business use. By introducing Box, you can get the following benefits:

• Flexible access environment
  Accessible from anywhere with an internet connection, documents are easily accessible for remote workers or on the go, giving employees access to the information they need wherever they are.
• Improved cost structure
  The cost of managing and maintaining physical servers is reduced, enabling efficient operation. The introduction of Box reduces server space and power consumption, resulting in cost savings.
• Advanced Security
  Your data is kept safe with automated data encryption, access controls and backups, and Box's data centers are distributed around the world to minimize the risk of data loss due to natural disasters or hardware failures.

SecureNavi x Box enables high-level document management

Furthermore, by using it in conjunction with SecureNavi, which we introduced in the first part, a high level of document management is possible. As mentioned in the first part, there are documents that can be managed on SecureNavi and documents that should not be managed. Examples of documents that should not be managed include information security manuals. Simply save such documents in Box and manage them by setting the file path on SecureNavi to create a simple and secure document management system.

We have mentioned the advantages of using Box, but there are also disadvantages, such as the complexity of the initial setup and the burden of ongoing operation and management. That's why Macnica 's unique service, "Marugoto Document Management," provides comprehensive support from initial setup to daily operation and management and troubleshooting, reducing the burden on companies. If you are interested, please contact Macnica.

4. Summary

The process of obtaining ISMS certification is by no means easy, but by implementing the right tools and measures, the hurdles can be significantly lowered. By utilizing cloud-based tools such as SecureNavi and Box, you can improve the efficiency of document management and strengthen security, which will lead to increased corporate value.

In this second part, we explained how to strengthen document management by using cloud storage. We hope that this information will be useful for companies aiming to obtain ISMS certification. Macnica will do its utmost to support you in obtaining ISMS certification, so please feel free to contact us.