As part of a continual drive for internal improvements, we are proud to have received our Cyber Essentials security accreditation. This certification assures us and, most importantly, our clients, that the sites we build, host and support are protected from cyber attacks.
The Cyber Essentials scheme is bolstered by government backing from the National Cyber Security Centre. Recognition from Cyber Essentials reassures clients that their IT and data are proactively being protected from cyber attacks.
Assessed against Cyber Essentials Scheme Specification, checks were carried out on all of our internet-facing infrastructure (and in a digital agency of this size, there’s a lot of it!). Our firewalls, routers, end user devices and hosted systems have all been assured for their safety and security in the UK.
Defending Against Cyber Attacks
Unfortunately, cyber attacks present common threats to internet-based security. Cyber attacks often require little skill and can be achieved with widely available tools; however, protecting ourselves and our clients from these threats requires more sophisticated technology.
Cyber Essentials defines the most common threats and has certified CTI as safe from:
Hacking: identifying and exploiting vulnerabilities in devices connected to the internet.
Phishing: tricking users into installing or using a malicious application.
Password guessing: guessing login details, either manually or using automated programmes, to access secure information.
Being part of the Cyber Essentials scheme helps us to protect the confidentiality of all data stored and processed on our systems.
Government Level Security
Cyber Essentials certification is a requirement for any agency or organisation working with central government contracts. We understand the unique requirements of public sector organisations and we know that these important institutions require the utmost security, for the handling of sensitive information.
What’s more, the Information Commissioner’s Office (ICO) recommend Cyber Essentials as ‘a good starting point’ for compliance with GDPR. Storing and processing personal data in online systems is the way of the future, but it also opens up opportunities for potential risk. Our Cyber Essentials certification recognises our approach to GDPR compliance, continuously maintaining ‘Privacy by Design’ systems in order to:
Manage and monitor security risk;
Protect personal data from cyber attacks;
Detect security breaches before they happen;
Minimise the impact, should a cyber attack occur.
Continually Striving for Quality
This certification comes alongside our continued dedication to upholding ISO 9001:2015. Our processes were accredited by the International Organisation for Standardisation (ISO) in 2017, when we committed to continually upholding and improving our agency standards and internal processes.
Our ISO 9001:2015 accreditation is an ongoing commitment to quality.
What’s next? We are striving to achieve ISO 27001 status and have begun the process for accreditation in 2019. This further level of recognition by the ISO would confirm our extremely high level of commitment to data security.
Our existing reputation is founded on 15 years of active attention to our security practices, and we have no plans to slow the pace of improvements.
If you are looking for a trustworthy agency, with a proven track-record and independently approved processes, get in touch with our experts for a consultation.