We’ve recently passed our Cyber Essentials certification for the second year. The accreditation demonstrates to clients, and the wider industry, that our in-house processes and equipment have been through the correct due diligence to vigilantly protect our solutions, and those of our customers’, against hackers and other cyber-attacks.
In order to receive the Cyber Essentials certification, we had to prove we had implemented appropriate measures within our organisation to protect sensitive data and comply with standards outlined by Information Assurance for Small & Medium Enterprises (IASME), Information Security Forum (ISF) and the British Standards Institution (BSI).
What is Cyber Essentials?
The Cyber Essentials scheme was established by the UK government in October 2014, and put in place to provide transparency for best practice within cyber-security for businesses. For us, it is also a requirement for some of the clients we work with across certain sectors.
The UK government recommends it as the minimum protection required to eliminate the risk of online attacks, especially by those of a low-level hacker.
There are five key areas that the accreditation focuses on, and these are evaluated by a 60-question assessment, ranging from malware protection, firewalls, secure configuration, patch management and access control.
These controls are tested as part of this certification assessment, ensuring that the systems are configured in the most secure way, to protect both our organisation and our clients’.
All anti-virus programs are also tested, to ensure that they’re up-to-date and appropriate for business use.
The Cyber Essentials scheme was developed as part of the UK’s National Cyber Security program, to encourage businesses to adopt the industry standard for cyber-security as a commercial priority.
What does it mean for our clients?
Matt Hunt, CEO of Apadmi Enterprise, said, “The Cyber Essentials certification has great value for Apadmi as a business. It demonstrates that we are continually taking steps to protect our customers’ data and their IP, and reassures our clients that they have a very limited risk from low-level cyber-attacks.
Whilst we are already practising many of these procedures internally, the accreditation proves to clients that we take data protection and internet security seriously.”