We understand the trust that our clients place in us as their IT partner and we take this very seriously. We therefore aim to maintain the highest standards in Information Security, keeping our data and communication networks as secure as possible.
We are committed to compliance with the ISO27001 standard of Information Security and we are Cyber Essentials Plus certified.
Both certifications require an annual audit of our Information Security Management System (ISMS) and of the technical controls that are in place to secure our business and ensure compliance.
As we continue to develop and evolve our Information Security efforts, we will add further updates to this page.
Cyber Essentials Plus certification
Registration with the ICO
ISO27001 is the world’s best-known and most popular standard for Information Security. The standard helps organisations adopt and implement an Information Security Management System (ISMS), which identifies the Information Security risks to the business and enforces a set of controls to mitigate those risks.
To achieve certification, a business needs to be independently audited each year to demonstrate compliance with the standard.
Cyber Essentials is a UK government-backed scheme designed to help businesses follow best practice when it comes to Cyber Security. The scheme focuses more on technical controls than on business process, which sets it apart from ISO27001.
In order for an organisation in the UK to win government contracts that involve the handling of sensitive or personal information, they must be Cyber Essentials certified.
The certification has two levels: Cyber Essentials, which is self-audited, and Cyber Essentials Plus, which includes a third-party audit and testing of the technical controls you have in place.
Yes, as a business we do maintain a level of Cyber insurance and we recommend that our clients do the same.
Yes, as part of our vulnerability management programme, we perform regular internal vulnerability scans against our IT assets. In addition, we have regular independent third-party penetration testing of our network.
We have multiple layers of Cyber Security training embedded throughout the business. As part of the induction process for new team members, our internal training team deliver content around our own security measures and why they are so important. In addition, any new staff are enrolled in a third-party Cyber Security training programme.
Every member of staff undergoes third-party Cyber Security training every year. In addition, we have regular phishing testing in place, the results of which are used to influence further training programmes.