Weald practices what it preaches and holds the information security standard – ISO 27001
In order to comply with expectations of clients, we will also be gaining our Cyber Essentials Plus certification – which is another worthwhile standard recommended by by the National Cyber Security Centre.
If you want to get certified, we offer Cyber Essentials Plus as a service and if you want to go further we work with a partner who will get you certified for GDPR and ISO27001.
Identity and Access Management
Protect identities and control access to your resources.
We strongly recommend the use of MFA. It is built into Office 365.
(Multi-factor / 2 Factor authentication)
Where use of mobiles is not appropriate, we recommend the use of 3rd party USB key devices for access control.
One of the basic principles of information security is to ensure documents and emails are seen only by those who ‘need’ to see them.
Data Loss Prevention DLP
Data Loss Prevention to identify, monitor and protect sensitive data. In practice this means incoming and outgoing email and attachments will be scanned for credit card numbers, passport numbers, driving licence numbers and long lists of personal information. It will alert the administrator and prevent the item being sent.
Information protection at desktop (bitlocker encryption) – worth doing as also protects from ransomware. (you cannot encrypt twice).
Encrypted documents and emails. Use passwords in Excel – this encrypts the excel document.
Manage application usage
Protect against malware and phishing
Protect against advanced threats and recover quickly when attacked.
Education & Testing
Phishing testing of various standards available from Weald as a service.
Gain visibility and control over security by using Office 365, Azure and Security Log auditing.
Report on and review incidents.
Respond and change to improve adherence to policy.
Cyber Essentials Plus
Get certified with Weald