Fighting back against cyber attacks
Posted on Sep 10, 2018
Why should I embrace the ups and downs of stock markets?
- Oct 21, 2019
Top three tips for… deposit savings
- Oct 15, 2019
Is care leaving you confused?
- Oct 10, 2019
The Goodman Partnership is proud to have recently achieved the Government’s Cyber Essentials PLUS accreditation, having been independently assessed by IASME – one of just five companies appointed as accreditation bodies for assessing and certifying against the Government’s Cyber Essentials Scheme.
The Scheme aims to help organisations implement basic levels of protection against cyber attack, demonstrating to their customers that they take cyber security seriously. Since 1 October 2014, Cyber Essentials became a minimum requirement for bidding for some Government contracts.
The Scheme is available at two levels: Cyber Essentials and Cyber Essentials PLUS, the latter being a higher level of assurance, which The Goodman Partnership has achieved.
Cyber Essentials is an independently verified self-assessment; organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided.
The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled Internet-based attackers using commodity capabilities – which are freely available on the Internet. They are:
1 Use a firewall to secure your Internet connection
2 Choose the most secure settings for your devices and software
3 Control who has access to your data and services
4 Protect yourself from viruses and other malware
5 Keep your devices and software up-to-date
Cyber Essentials PLUS, which The Goodman Partnership has achieved, is a higher level of assurance. A qualified and independent assessor examines the same five controls, testing that they work in practice by simulating basic hacking and phishing attacks.
The Cyber Essentials PLUS accreditation involves a technical audit of the systems that are in-scope for Cyber Essentials. This includes a representative set of user devices, all Internet gateways and all servers with services accessible to unauthenticated Internet users.
The assessor will test a suitable random sample of these systems (typically around 10 per cent) and then make a decision whether further testing is required.
Achieving the Cyber Essentials PLUS accreditation is a testament that The Goodman Partnership is taking the measures set out in the GDPR seriously. Over and above what the GDPR requires, we wanted to ensure that our client data is as secure as possible and one way to do this was to have our systems tested through Cyber Essentials PLUS.
Accreditations are important to The Goodman Partnership across all areas of our work and achieving this one shows how seriously we take looking after our clients’ personal information.