MyConcern Awarded Cyber Essentials Plus Certification for Third Year Running!
The security of information held within MyConcern is of paramount importance, both to us and to our customers. Needless to say, all of our systems, processes and behaviours are designed to achieve the best possible levels of information security. We are committed to the highest levels of data security and endeavour to give our customers confidence in our systems. As such, we strive to achieve certain certifications to prove our dedication to the security of data. You can read about all our information security certificates here.
We are over the moon to announce that we have achieved the Cyber Essentials Plus certification for the third year running, as a result of our information security standards! To date we are the only safeguarding software provider to have achieved this certification (based on the accredited list of companies held by NCSC.gov.uk and the other safeguarding software providers that One Team Logic is aware of).
What is Cyber Essentials Plus?
Cyber Essentials Plus is a Government-backed, industry-supported scheme to help organisations protect themselves against common cyber-attacks such as phishing and spear-phishing attempts.
To achieve the certification, we have had to demonstrate the controls we have implemented to mitigate the risk from common internet-based threats, so that our customers can be assured that we have taken these essential precautions. These include:
- Ensuring hardware and software is kept up to date to ensure all bug fixes are applied
- Taking measures to stop email attachments or downloaded files from running (e.g. blocking files from running inside the downloads folder, users need to download the file, move the file and then run it)
- Blocking a number of file types over email (e.g. .zip files)
- Ensuring all company mobile devices have strong, 8-digit access codes
As part of this we undergo independent penetration testing to ensure our firewalls are as secure as they can be. We are also required to re-certify annually under this scheme and cannot use this certification unless we do so.
Why is this important?
We are currently the only safeguarding software provider to have achieved this certification, meaning that our dedication to cyber security is unmatched in the industry. Other providers only hold the Cyber Essentials certificate, which is a self-assessed questionnaire, whereas to achieve the Cyber Essentials Plus badge, our systems and processes have been put through a rigorous inspection process by independent external penetration testers, so our customers can enjoy peace of mind that their data is in the safest hands possible. The annual re-certification also holds us accountable to the continued commitment to cyber security, so customers can be assured that the security of their data is always a priority for us.
Paul Creedy, IT Manager for MyConcern Says:
"The Cyber Essentials Plus certification is a fantastic achievement for our company. It gives our customers peace of mind that our IT procedures and security defences will protect the company against the vast majority of common cyber-attacks. A lot of work and preparation goes on behind the scenes by the IT Team through the year to maintain this level of compliance in a technical organisation such as ours. This year was notably more difficult due to the pandemic and remote working situation which came with its own unique challenges. We couldn't achieve this without the ongoing cooperation from all staff."
If you’d like to see if your other suppliers have achieved either the Cyber Essentials or the Cyber Essentials Plus certification, you can search for their record here: https://www.ncsc.gov.uk/cyberessentials/search
Written by Sam Franklin