Cyber Essentials Plus
After a lot of hard work (and no little stress), we were officially certified “Cyber Essentials Plus” on 19 March 2018.
This was great news for us as it clearly illustrates our promise to put security at the heart of our processes and infrastructure, reassuring our customers that the trust they have placed in us is well founded.
What is Cyber Essentials?
Cyber Essentials is a certification that you as a business are protected against the most common cyber attacks. This includes questions about your processes and procedures, your network, the systems you use, and pretty much any aspect of your business that could leave you vulnerable. It confirms that you as a business are doing everything you can to keep your data secure.
Specifically, it covers five ways to you can do this:
- Securing your Internet connection
- Securing any and all devices or software you use to access business data
- Controlling access to your data and services so only people who need access have it
- Protecting your devices and infrastructure from viruses and other malware
- Keeping all devices and software up to date
Where does the Plus come in?
Cyber Essentials Plus means that, not only have we passed our Cyber Essentials certification, we had an independent security firm come in and do some tests to make sure that we do what we say we do. This external verification of our cyber security underlines our commitment to data protection and security.
What was the process?
From there, our answers were checked and approved. The process was simple, even if the translation of our processes (and the implementation of a few new ones) required the investment of some serious time and effort.
Our answers were checked and the first part of our Cyber Essentials certification was awarded.
The first thing we needed to do was to bundle all of our documented security and data protection processes into answers to a set questionnaire provided to us by our certification partner. In our case, this was TeraByte Inc.–who we can’t recommend enough! They were great, so knowledgeable and supportive.
Then came the stressful bit. Someone from TeraByte came through to our office, ran some tests, asked some questions, and generally made sure we were doing everything we could to ensure the security of our infrastructure.
After a few hours, Marcus confirmed that we had passed and we had our “Plus”.