ISO/IEC 27001 is the Information Security Management System (ISMS) standard, which is a globally recognized standard formulated by the International Organization for Standardization (ISO) with the intent to protect the confidentiality, availability and integrity of information assets and prevent business data from being misused or stolen. The revised version of ISO/IEC 27001 was released in 2013 and is still in use today. The standard describes the requirements of information technology, security techniques and information security management systems.
The standard requires strict ISMS audits on 14 management areas, 35 control objectives and 114 control focuses to ensure the confidentiality, integrity and availability of information in all dimensions.
Data security policy (2 items subject to control)
Data security organization (7 items subject to control)
Human resource security (6 items subject to control)
Asset management (10 items subject to control)
Physical and environmental safety (15 items subject to control)
Data security incident management (7 items subject to control)
System acquisition, development and maintenance (13 items subject to control)
Access control (14 items subject to control)
Password control (2 items subject to control)
Operational safety (14 items subject to control)
Communication security (7 items subject to control)
Supplier relationship (5 items subject to control)
Data security aspects of business continuity management (4 items subject to control)
Compliance; internal requirements such as policies, and external requirements such as law (8 items subject to control)
The The Gartner 2019 CIO Agenda survey sought opinions from 3,102 CIOs from 89 countries. The survey showed that 95% of respondents believe that information security threats are on the rise, so more investment should be made on BI/data analysis solutions (45%) and information security (40%).
Mr. Chen Yan, CEO of FanRuan, said at FanRuan User Conference that, “Data security is the lifeblood of business, so we cannot estimate the importance of safeguarding data security.”As a specialize provider of BI/data analysis solutions, FanRuan has always been committed to protecting client data. Upholding this purpose, FanRuan developes FineReport V10.0, of which the level of data security is as high as that of any previous version. Equipped with the tracking technologies functioned in a similar manner to the black box recorder on the plane and an all-around trouble removal mechanism, FineReport V10.0 will provide you with the level of data security as high as that of aviation security.
FineReport V10.0 employs RSA for encryption and SHA256 for signature, and is equipped with a number of new functions for security protection, such as cookie enhancement, file upload verification, Security Headers and access control.
FineReport V10.0 supports single sign-on control, abnormal login reminder, access frequency control, anti-violence cracking and strong password protection, and saves more detailed audit records.
FineReport V10.0 supports permission control, multiple ways of permission validation, and password encryption and saving.
Operation and Maintenance Safety
FineReport V10.0 supports regular system backup and system recovery after malicious attacks. Users are allowed to make security analyses, trace resource changes and conduct compliance audit.