We’ve recently been awarded Cyber Essentials certification by the government, acknowledging the care we take around security and customer data.
Cyber security is becoming an increasingly important matter in today’s hyper-connected world. Theft of personal and customer data is a problem that affects everyone. Data is valuable and without the necessary safeguards, small and medium-sized companies are just as much at risk as large corporations and government bodies. When you’re working with sensitive client information, this is even more important to get right.
We are delighted to announce that Comtec has recently been awarded certification by the Cyber Essentials scheme. Cyber Essentials is a government-led scheme designed to ensure that companies have fundamental technical security policies and practices in place in order to defend against common cyber-attacks.
The Cyber Essentials programme was put in place in 2014 as part of the government’s £860 million National Cyber Security Programme with the aim of standardising cybersecurity certification so that businesses could work to a single set of approved standards.
The scheme focuses on five key areas of security, designated by CESG (the information security arm of GCHQ):
- Effective set-up and use of boundary firewalls and internet gateways
- Secure configuration of systems
- Appropriate access control
- Adequate and up-to-date malware protection
- Patch management to ensure the latest version of critical software is installed
Cyber Essentials certification is granted on the basis of a verified self-assessment that is carried out by the organisation itself and assessed by an independent certification body. Comtec recently completed the assessment process and successfully met all of the necessary criteria outlined above.
Given the sensitive nature of many of our clients’ businesses, we are very pleased to be able to announce this affirmation of our ongoing commitment to protecting sensitive data.
Comtec is also in the process of working toward ISO/IEC 27001:2013 certification for Information Security, with an aim to have achieved certification by 2017.