Keeping data safe - what's your back up?

Securely storing and protecting data requires a whole lot more than a simple back up. A new International standard for data storage security ensures your valuable information stays in safe hands.

Few minutes to read

This news belongs to our archive.

By Clare Naden
Published on

An organization's data is often its most valuable asset, and keeping it stored safely and effectively is increasingly a commercial and legal imperative. However the process of managing it can be complex, covering not only how it is stored but how to access it securely and communicate it across a wide range of media and devices.

ISO/IEC 27040:2015 Information technology - Security techniques - Storage security provides detailed technical guidance on how to effectively manage all aspects of data storage security, from the planning and design to the implementation and documentation.

It includes guidance on mitigating risks of data breaches and corruption and takes into account new technologies and the complexities of connectivity and supports the requirements of an Information Security Management System according to ISO/IEC 27001:2013, Information technology -- Security techniques -- Information security management systems -- Requirements.

ISO/IEC 27040:2015 aims to:

  • help draw attention to risks;
  • assist organizations in better securing their data when stored; and
  • provide a basis for auditing, designing and reviewing storage security controls.

ISO/IEC 27040:2015 can be purchased from your national ISO member or from the ISO store.

Press contact

Journalist, blogger or editor?

Want to get the inside scoop on standards, or find out more about what we do? Get in touch with our team or check out our media kit.  

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information.