Due to COVID-19, information security vulnerabilities have increased even more for institutions that have forced and quickly switched to the home-work system. . The fact that many institutions have not yet invested in information security technologies such as EDR, ZTNA, CASB, NAC, DNS Firewall, Incident Response and MFA has further increased the risks.
In my pandemic period, it has been seen more clearly that institutions need ISMS compliance more.
We recommend that you pay special attention to the following ISO 27001 Clauses and Controls.
| Review of Information Security Policies | A.5.1.2 |
| Remote Work | A.6.2.2 |
| Information Security Awareness Education and Training | A.7.2.2 |
| Privileged Access Rights Management | A.9.2.3 |
| Reviewing User Access Rights | A.9.2.5 |
| password management system | A.9.4.3 |
| Security of Equipment and Assets Outside the Organization | A 11.2.6 |
| Information Backup | A.12.3.1 |
| Management of Technical Vulnerabilities | A.12.6.1 |
| Management of Information Security Breach Incidents and Improvements | A.16.1 |
| Information Security Continuity | A.17.1 |
| Information Security Reviews | A.18.2 |
