At ABL Business we recently became Cyber Essentials certified– which means our online and in-house systems for storing and processing data have been verified as secure by a team of independent experts.
But is that really necessary? You trust your own team to do a thorough job and you may feel confident you’ve got everything covered.
The fact is that threats are getting more prevalent every day and for each security measure put in place, fraudsters and hackers are evolving the way they operate, learning new tricks to attack businesses and steal valuable information.
Cyber attacks come in many shapes and sizes, from phishing scams via email to connecting with an insecure network. Some can be hard to spot, some very easy, but once your systems become vulnerable you can be susceptible to more serious attacks.
Cyber Essentials is a simple, but effective, Government-backed scheme which enables you to demonstrate your commitment to cyber security to your customers and potential customers.
It ensures that all customer and employee data that you hold is protected against a whole range of the most common cyber attacks and that you are implementing effective processes to limit human error. It also demonstrates that your company is compliant with GDPR, (General Data Protection Regulation).
So how does it work?
To qualify for the Cyber Essentials certification we had to test our systems against five security controls then pass the results to a qualified assessor who verified the information provided.
At ABL we went through a number of processes to ensure we would make the grade.
- We reviewed and updated all our policies, including those for data protection, cyber protection and all associated activities, to ensure that personal data is held and processed appropriately and safely.
- We classify all our data and restrict access based on that classification, always ensuring that we have full consent to use that data, whether online or for business purposes.
- We upgraded our internal security and that of our assets, such as laptops mobile phones and routers, to ensure that all data held is secure and fully protected.
- We updated protocols to deal with any potential data breaches, ensuring that all internal systems work with us to process data smoothly and in a controlled manner.
- We will be launching our new website to reflect the GDPR changes and our Cyber Essentials certification.