As Safe Data Storage continues to grow, we like to keep up our reputation as being the safe and secure backup and recovery service that our customers know and love. That means we have to make sure our network is protected at all times from any potential threats that may arise. In that regard and as you may be aware, we acquired the Cyber Essentials certification.
By acquiring the Cyber Essentials certification, Safe Data Storage was able to show that we have all the required security controls in place to keep our systems protected. However, this certification only goes by our word and external scan. Whilst great to have, we wanted to be able to prove that we have all these controls in place and show our clients that we have secure systems for their data.
Therefore, we are proud to announce that we have acquired the Cyber Essentials PLUS certification! This certification has all the same requirements as the standard Cyber Essentials scheme, but the critical difference, is that we were required to have an independent assessment by a CREST approved auditor to make sure we have the five security controls in place. This assessment involved a vulnerability scan of our internal network, to check we had everything in place, which we are proud to say we have passed.
Cyber Essentials PLUS
The Cyber Essentials scheme is a cyber security standard, launched on 5th June 2014, which organisations can be assessed and certified against. There are two levels to this certification: Cyber Essentials and Cyber Essentials Plus.
The scheme identifies the security controls that an organisation must have in place within their IT infrastructure in order to have confidence that they are addressing cyber security effectively and that their systems are protected from external and internal threats.
Since 1st October 2014, all suppliers must be compliant with the specified security controls and certified with Cyber Essentials if they’re considering bidding for government contracts which involve the handling of sensitive and personal information.
The scheme has five main technical security controls:
- Boundary Firewalls and Internet Gateways
- Secure Configuration
- Access Control
- Malware Protection
- Patch Management
It provides organisations with the knowledge of how to implement these measures in their cyber security efforts, whilst also learning how they can improve their current systems if they are found not to be adequate.