Fit to burst or fit for purpose?
5th June 2018
Outsource warns cyber risks can’t be ignored
15th June 2018

Outsource Solutions has successfully passed Cyber Essentials Plus assessment and been awarded certificate of assurance to confirm that we comply with the requirements of the Cyber Essentials Scheme.

What is Cyber Essentials?

In order to adopt good practices in information security, the UK government Department for Business, Innovation and Skills released a government-endorsed scheme called Cyber Essentials in 2014.

The scheme was introduced to ensure the protection of data, and for companies to understand how that data can be used, secured, or compromised. The scheme ensures that data is protected from common cyber threats online. Organisations can gain one of two Cyber Essentials badges, and it’s backed by the Federation of Small Businesses, the CBI, and many insurance companies who offer incentives to businesses.

The Cyber Essentials certification is required for any suppliers to the UK government who handle any sensitive and personal information and any companies bidding for government contracts needed this certification.

The Cyber Essentials certification process requires five technical controls in your company, and in order to pass the self-certification your organisation must meet all of the requirements:

  • Firewalls
  • Secure Configuration
  • User Access Control
  • Malware Protection
  • Patch Management

The two levels of certification

There are two levels of certification – Cyber Essentials, and Cyber Essentials PLUS.

Cyber Essentials is the DIY version. The organisation completes a self-assessment questionnaire and the responses are independently reviewed by an external certifying body.

Cyber Essentials PLUS has the same requirements as Cyber Essentials, except the system tests are carried out by an external certifying body, using tools and techniques which your company may not have access to.

An independent auditor completes the assessment by completing a security vulnerability scan of your IT infrastructure. The information gathered will guide any remedial actions, ensuring the company will meet the five technical controls to demonstrate good practice of information governance. As the external body works through your certification, you also have to supply evidence to ensure you meet all requirements.

This latest accreditation is part of the ongoing commitment at Outsource to continually improve our expertise and strive to deliver on our promise that everyone should benefit from the highest possible standards.

 

Contact Us