Egress achieves Cyber Essentials Plus Certification again

Written by Jo Siers | Mon, Jul 1, 2024

At Egress, safeguarding our clients' data and maintaining the highest standards of cyber security, is at the core of what we do. So, we are delighted to announce that we have successfully passed the Cyber Essentials Plus audit again, re-affirming our commitment to protecting against cyber threats and ensuring robust security measures are in place.

What is Cyber Essentials Plus?

Cyber Essentials Plus is a certification that goes beyond the basic Cyber Essentials framework, which outlines the essential measures businesses should implement to guard against common cyber threats.

Whilst Cyber Essentials is self-assessed, Cyber Essentials Plus requires a hands-on technical verification conducted by an independent and accredited certification body. This rigorous assessment ensures that an organisation not only understands cyber security principles but also effectively implements them.

Our Journey to Certification

Achieving Cyber Essentials Plus is no small feat. It demands comprehensive preparation, thorough risk assessment, and meticulous implementation of security protocols. Here’s a glimpse into how we met this challenge head-on:

1. Assessment and Planning: We began with a detailed evaluation of our existing security measures. This step involved identifying potential vulnerabilities and understanding the specific requirements of the Cyber Essentials Plus framework.

2. Implementation of Security Controls: Next, we implemented and enhanced various security controls, such as:

Firewalls and Internet Gateways: Ensuring our defences block unauthorised access and malware.
Secure Configuration: Optimising settings to reduce risk.
User Access Control: Limiting access to sensitive data based on roles and responsibilities.
Malware Protection: Deploying advanced antivirus and anti-malware solutions.
Patch Management: Keeping software up to date to mitigate vulnerabilities.

3. Internal Testing: Before the official audit, we conducted rigorous internal testing to verify the effectiveness of our security measures. This step allowed us to address any issues proactively.

4. External Audit: The final and most critical phase was the external audit. An accredited certification body thoroughly tested our systems, assessing everything from network security to user access controls. Passing this audit required demonstrating that our defences are not only in place but also effective against real-world cyber threats.

The Benefits of Cyber Essentials Plus

Achieving Cyber Essentials Plus certification brings numerous benefits to Egress and our clients:

Enhanced Security Position: We have fortified our defences, significantly reducing the risk of cyber-attacks.
Client Confidence: Our clients can trust that their data is secure, knowing we adhere to the highest standards of cybersecurity.
Regulatory Compliance: It also ensures compliance with various regulatory requirements, further demonstrating our commitment to protecting client data.

Our Continuous Commitment

Passing the Cyber Essentials Plus audit is a significant milestone, but it is just one part of our on-going commitment to cyber security. We continuously strive to enhance our security measures, stay ahead of emerging threats, and provide our clients with the safest and most reliable solutions.

We remain dedicated to maintaining the trust and confidence our clients place in us and will continue to uphold the highest standards of cyber security possible.

Whether you are just about to embark on, or are part way through, your data programme - we can help. We will deliver the data confidence you need to support your digital transformation aspirations.

Get in touch.

View full post