Local software development company PDMS has been awarded the UK Government’s Cyber Essential Plus Certificate of Compliance through one of the industries CREST certification bodies.
The Cyber Essentials certification program is a UK Government-backed scheme that guides businesses in protecting themselves against cyber threats; allowing organisations to demonstrate to customers and partners that cyber security is taken seriously. Supported by industry as a whole, the certification aims to ensure that security controls are in place and working effectively ensuring risks are mitigated from online threats through the secure configuration of an organisation’s computing resources. During the process, the certifying body assessed PDMS against a number of criteria at three distinct stages:
• Self-Assessment Questionnaire
• Remote Threat Scan
• Onsite Vulnerability Assessment
The Cyber Essentials Plus scheme is a thorough assessment of the organisation and builds upon the requirements of the basic certification; as a result providing greater security assurance. The additional phase of testing increases the validity of the Cyber Essentials certification considerably by providing evidence of compliance against the following areas:
• Prevention of malicious files entering the organisation from the Internet through either web traffic or email messages.
• The effectiveness of the anti-virus and malware protection mechanisms, should malicious content enter the organisation.
• The likelihood that the organisation will be compromised due to failings in the patching of the organisation’s workstations, in the event that the organisation’s protection mechanisms fail.
Neal Kelly, Director of Operations, comments on PDMS’ certification; “Cyber Essentials is an important UK government-driven initiative and being certified to the Plus standard helps us to further reassure our clients and partners around the world that cyber security is of paramount importance to us. I’d like to acknowledge the hard work of everyone at PDMS, particularly our Infrastructure team, who has helped the company in achieving this certification.”
Cyber Essentials Plus places an emphasis on technical controls and therefore complements PDMS’ ISO27001 certification, which primarily looks at governance, risk, and policy. Together these certifications demonstrate the company’s ongoing commitment to delivering secure online systems to both government and private sector clients.
As an approved GCloud supplier, working with a number of central and local UK Government organisations, the Cyber Essentials Plus certification provides added reassurance in relation to PDMS’ IT security.
Photo - Neal Kelly, Director of Operations & Simon Edwards, Quality and Standards Manager.