Cyber Essentials Plus is a UK Government-backed scheme designed to guard organisations against cyber attack
It ensures our systems are up to date, secure and fit for purpose meaning our clients can rest assured that they are working with a business that is confident in its digital security. Plus, we have the hands-on knowledge to guide their security measures when we develop their websites and systems.
By having a clear picture of our organisation’s cyber security level, we can remain vigilant and keep ourselves ahead of any risk. Further securing our position as a reliable and trusted provider, particularly in the more heavily regulated industries and strengthening our position to further support larger government-backed organisations.
We signed up for Cyber Essentials Plus as part of our ambition to be transparent, accountable and authentically proactive for higher standards of security and support – meaning our clients can be confident they are in a safe pair of hands.
Our Cyber Essentials and Cyber Essentials Plus reviews were overseen by URM Consulting Services.
We were assessed on critical pillars of security
- External vulnerability scan which is conducted remotely looking at firewalls, routers, servers etc.
- Internal vulnerability scan searches the internal network for potential vulnerabilities in the system on ‘sampled devices’.
- Email checks – accessibility, malware scanner effectiveness and strength.
- Malware delivered over web test via a controlled attempt to download malicious files, macros and run remote scripts tested using sampled devices.
Doing more to be sure
Why PLUS is different – self-assessment and independent review of our position
We decided to work to achieve the higher assessment level – Cyber Essentials Plus which ‘To achieve Cyber Essentials Plus, you must already be certified to Cyber Essentials. Gaining the extra qualification will also involve a technical expert conducting an on-site or remote audit on your IT systems, including a representative set of user devices, all Internet gateways and all servers with services accessible to unauthenticated Internet users. “
Working with Lauren and the team has allowed us to elevate our security measures and we can step confidently forward knowing we are in the best position to support ourselves and our customers.
We signed up for Cyber Essentials Plus as part of our ambition to be transparent, accountable and authentically proactive for higher standards of security and support – meaning our clients can be confident they are in a safe pair of hands.
How did we do?
URM’S assessor commented, “Infotex has a strong set of controls in place and an exemplary patching process where the organisation is applying the most up-to-date operating systems and system software which provides both security and stability.”
Richard Howlett, a Lead Developer at Infotex said ‘We are very proud of achieving Cyber Essentials Plus certification. Infotex has made some significant investments in its cyber security infrastructure and this external validation provides a clear demonstration to our clients and partners of our commitment to protecting the organisation from cyber-related attacks.”
The bigger picture
Understanding the bigger picture, and the impact COVID and working from home measures have had in the background of businesses.
“The government reports that as many as two in five UK firms have experienced cyber attacks in the last year.”
Throughout the assessment process, we learned that many businesses have experienced issues similar to ours.
Martin Jones, who leads the Cyber Essentials Plus initiative commented “During the COVID-19 pandemic, a significant number of organisations have struggled to keep up-to-date with the latest patch cycles and security updates as the patching systems were kept on the local network. With many, if not all, machines being remote, the patches could not be applied effectively. Some organisations have relied on end-users to apply patches manually, but this relies on the users’ technical aptitude and conscientiousness.”
A significant portion of the effort surrounding mobilising our staff to effectively work from home was the proactive management of our IT kit by our talented and experienced staff members.
This was a key concern for our team, as our stability and security mindfulness directly impacts our clients and their business. We decided to boost our online resilience by taking the proactive steps to work with the team at URM Consulting Services to thoroughly assess our position, and take any necessary corrective steps.
“Infotex managed to keep their applications up-to-date despite the challenges being faced. They achieved this by applying updates remotely and by keeping the number of applications they use to a minimum hence reducing the effort required.”
If you would like to learn more about what we did, and how we can support your business – give us a call. Every project starts with a chat.