IWCO Direct and Its Mail-Gard Division Achieve New Data Security Critical Compliance Certifications
CHANHASSEN, Minn.—July 28, 2015—In order to enhance its data security practices, IWCO Direct, a leading provider of direct marketing solutions, has announced it has achieved ISO/IEC 27001:2013 certification through BSI. The company has also achieved Level 1 Payment Card Industry – Data Security Standard 3.1 (PCI DSS) compliance certification. These certifications extend to Mail-Gard, a division of IWCO Direct which provides business continuity and disaster recovery services.
In 2013 IWCO Direct achieved ISO 27001:2005 and PCI DSS 2.0 certifications. Since then, both standards have been upgraded. To demonstrate its commitment to Continuous Improvement and data security, IWCO Direct devoted significant time and resources to updating and validating its practices to encompass the latest data security standards.
"Everyone understands the importance of data security, but many companies haven’t taken the necessary steps to ensure they are doing everything possible to protect client data," stated Jim Andersen, CEO of IWCO Direct. "When evaluating potential business partners, we encourage all direct marketers to evaluate whether a company places as high a priority on protecting customer data, and the potential consequences if they don’t."
About ISO/IEC 27001:2013
Developed by the International Organization for Standardization (ISO), ISO/IEC 27001:2013 is the only auditable international standard which defines the requirements for an Information Security Management System (ISMS).
IWCO Direct aggressively pursued certification through BSI due to the growing use of consumer data to drive relevancy and performance in direct mail campaigns. Since adopting the ISO best practice framework, IWCO Direct has continually maintained and enhanced its corporate information security management program and considers it an important competitive advantage.
To maintain its certification, IWCO Direct conducts regular internal and external audits to verify that its security practices remain in compliance with the standard, ensuring that information security remains integrated into the core of its business.
About PCI DSS 3.1
The PCI DSS standard is established by the PCI Security Standards Council, LLC, an open global forum responsible for the development, management, education and awareness of the PCI Data Security Standard (PCI DSS).
The new standard, which was released in April of 2015, incorporates requirements added to address recent vulnerabilities as well as recommendations for incorporating PCI DSS into everyday business processes, best practices for maintaining ongoing PCI DSS compliance and enhanced testing procedures to clarify the level of validation expected for each requirement. Upon release of the new standard, IWCO Direct took immediate steps to comply with the update to support its client base in highly regulated industries. Required to be performed annually to maintain certification, the latest audit provided IWCO Direct a fresh look at its security controls and implementation methodologies.
By achieving this compliance in data management in accordance with the highest security standards founded and supported by major payment card brands, IWCO Direct underscores its commitment to ensuring it has the technology and processes in place to support its customers’ statement processing and financial mailings.
About IWCO Direct
IWCO Direct is one of the nation’s largest providers of direct marketing solutions. Earning customers’ trust by collaborating with North American marketers for more than 45 years, the company’s full range of direct mail services includes one of the industry’s most sophisticated postal logistics strategies. Guided by the “Power your Marketing” approach, the company’s Proprietary Intelligence model encompasses data, strategy, creative, execution and analysis to inspire performance across all marketing channels. Through Mail-Gard, IWCO Direct offers business continuity and disaster recovery services that provide peace of mind in case of a business interruption. The company is ISO/IEC 27001 Information Security Management System (ISMS) certified through BSI Group America, reflecting its commitment to data security. Stay current on direct marketing trends, industry news, postal regulations and more by subscribing to IWCO Direct’s SpeakingDIRECT blog.