SmartSurvey Secures Cyber Essentials PLUS for Fifth Year Running
We’re delighted to announce that we’ve just had our Cyber Essentials PLUS accreditation extended for the fifth year in a row, which puts us in the very highest bracket of UK firms with regards to the cyber security assurances we can provide for our customers.
To retain our accreditation status under this UK government backed scheme, we had to undergo a rigorous assessment with an independent auditor from the IASME Consortium. This involved the testing of five key cyber security controls that our company needs to have in place to meet this standard including boundary firewalls, internet gateways, secure configuration, access control, malware protection and patch management. During testing the qualified assessor needs to simulate a range of cyber-attacks to ensure the systems provide the level of robust security required.
As a fast-growing business who is a trusted supplier to local organisations such as Gloucestershire County Council, Stroud District Council and NHS Gloucestershire, as well as leading Global Brands, our ability to provide high levels of cyber security is paramount, as day to day we have to manage vast amounts of customer data.
Customer security is at the heart of everything we do
Our Cyber Essentials PLUS accreditation also complements our status as an approved supplier with the Government Digital Services (G-Cloud) framework – a specialist suppliers’ database for public sector organisations to seek out and work with technology partners. Given our growing success in this sector, where we currently work with 65% of central government departments and nearly a third of all UK councils, our long held Cyber Essentials accreditation has been really valuable in enabling us to consolidate our position as the number one data collection platform for the public sector.
Delighted with this latest development, SmartSurvey’s CEO, Mo Naser said:
“Our re-accreditation of Cyber Essentials PLUS for a fifth year in a row is absolutely fantastic and demonstrates how committed we are to cyber security. We take our customers’ data security extremely seriously, it’s one of our key differentiators over competitors and we are always looking at ways in which we can further strengthen the systems and processes we have in place. We look forward to being able to help even more of the UK’s businesses in the future enabling them to securely collect the data they need to make smart decisions.”
In conjunction with Cyber Essentials Plus, we are also ISO27001 certified, ensuing the right processes and behaviours are in place across systems and personnel to ensure the highest levels of data security. And unlike many other competitors, our company stores all customer data in the UK & Ireland (including backups) to ensure our customers are fully GDPR compliant.
About Cyber Essentials
Cyber Essentials aims to help organisations implement basic levels of protection against cyber-attack, demonstrating to their customers that they take cyber security seriously. The scheme is available at two levels:
- Cyber Essentials – an independently verified self-assessment. Organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided.
- Cyber Essentials PLUS – a higher level of assurance. A qualified and independent assessor examines the same five controls, testing that they work in practice by simulating basic hacking and phishing attacks.
The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled internet-based attackers using commodity capabilities – which are freely available on the internet.
Organisations that undertake Cyber Essentials are encouraged to recertify at least once a year and, where appropriate, progress their security.
Since 1 October 2014, Cyber Essentials became a minimum requirement for bidding for some government contracts (https://www.gov.uk/government/publications/procurement-policy-note-0914-cyber-essentials-scheme-certification)
For further information please see ncsc.gov.uk/cyberaware/home.