02 May Jiva obtains Cyber Essentials Certificate
As a company committed to cyber security, we are excited to have recently received our Cyber Essentials certificate, what we see as an important step in continuing to protect client data and information.
The Cyber Essentials certification process involves assessing systems and procedures to identify potential vulnerabilities and risks. By addressing these risks we can better protect our own data, client data and reduce the risk of a cyber attack or data breach.
We rely on technology to operate effectively. From online transactions to data storage and processing, the importance of keeping our systems secure can not be overstated. Cyber Essentials is a UK government-backed scheme that helps businesses assess and protect themselves against common cyber threats. In this post we’ll explore why it is important for our clients, what it covers and what comes next.
Why is Cyber Essentials important for our clients?
Cyber Essentials is designed to help businesses of all sizes protect themselves against cyber attacks. The scheme provides a set of security controls that are based on industry best practices, that can help guard against cyber threats. Our clients entrust Jiva to handle their data. The consequences of data, whether personal, sensitive or neither, falling into the wrong hands can have serious consequences for our clients as well as our business. Cyber Essentials assists us in reducing this risk.
What does Cyber Essentials cover?
There are five key areas of cyber security covered:
- Boundary firewalls and internet gateways – ensuring the network is secure and only permitting authorised traffic in and out.
- Secure configuration – ensuring systems and configured securely and unnecessary services/ protocols are disabled.
- User access control – ensuring only authorised users have access and that access is controlled appropriately.
- Malware protection – ensuring systems are protected against malware.
- Security Update management – ensuring systems are kept up to date with latest security patches.
What comes next?
Our commitment to cyber security does not end here – the Cyber Essential Plus scheme provides a higher level of assurance by requiring an independent assessment of our systems. This will involve a vulnerability scan and on-site assessment of our systems – a requisite for working with government bodies! We hope to obtain this in short order and have then set our sights on ISO27001. This being an internationally recognised standard for information security management systems.
We are delighted to have obtained the Cyber Essentials certificate as we recognise this as an important step in protecting all of us against cyber threats, but we can not wait to take our cyber security to the next level!