We are proud to have Cyber Essentials : but what does it mean?
Cyber Essentials is a way for companies to protect themselves against the most common cyber threats. It is a well-known government-backed standard so compliance is a sign of commitment to online security and data safety by a business. Each year BSI audits the security of the RPM servers and produce a report showing any weaknesses or areas we need to improve.
The audit checks :
- Firewall security : a carefully configured firewall protects all our devices, including mobile ones.
- Devices and software use : we use two-factor authentication and regularly change passwords.
- User access : we control access to data on each user account, which has recorded and controlled privileges.
- Patch management : our third party server support keeps the latest program updates installed.
- Malware protection : the network security system gives us advanced protection.
Cyber Essentials External Vulnerability Check
This is probably the most useful assessment, and can be nerve-wracking! We produce a network map showing all internet-facing services for the auditing body which then tries to remotely hack our system. In this way we can identify any weaknesses present, especially via portable devices.
BSI test to see if they could send malicious files into RPM via email attachments. There is also a potential risk from users downloading infected files from a website. More information on the checks is available here : https://www.bsigroup.com/en-GB/Cyber-Security/cyber-essentials/
Customer peace of mind
Most UK public sector contracts require companies to have Cyber Essentials. We are proud to have the logo which can only be displayed by certified companies. You can check certification on the National Cyber Security Centre website here : https://www.ncsc.gov.uk
If you would like more details we can supply a copy of our Information Security Manual. We intend to achieve Cyber Essentials Plus next.