Becketts are delighted to announce that we have recently been awarded compliance with ISO27001:2013 for Cyber services.
This is a framework which is typically awarded to major corporate businesses and demonstrates Becketts commitment to keeping your data safe and ensuring compliance with the ever changing IT landscape.
As a provider of Voice & Data Services to both the public and private sector, we recognise that information security is a top priority. Cyber threats are on the rise and businesses must take every measure possible to safeguard sensitive data. One of the most stringent frameworks for information security management is ISO 27001:2013.
Obtaining this certification is a lengthy process, but once achieved, it assures you that we are taking all necessary precautions to protect your data.
This certification means that we have implemented comprehensive measures to protect your data and maintain confidentiality, integrity, and availability of your information assets.
As a customer, you can be assured that Becketts is taking all necessary steps to prevent unauthorised access, theft, or misuse of your sensitive data. You can also trust that we have established policies and procedures to identify and address security risks and vulnerabilities regularly.
Overall, ISO 27001:2013 accreditation means that you can be secure in the knowledge that Becketts takes your data extremely seriously both now and in the future.
Accreditation is be a comprehensive process and covers the following steps:
1. Conduct a gap analysis – This allowed us to identify where there may be challenges or issues in the way we handled data
2. Develop an Information Security Management System (ISMS) – Once we know where there may be issues, or potential issues we had to develop an ISMS. This is a framework that outlines the policies, procedures, and practices we will adopt to protect sensitive data and includes the identification of risks, implementation of controls, implementation of monitoring processes, and a
continuous improvement plan.
3. Implement controls and processes – We then had to train our staff on the processes outlined in the ISMS and allow for feedback on any identified risks.
4. Conduct internal audits – To ensure that we are able to retain certification we had to ensure that everything we do is audited and logged – and where improvements or changes had to be made
5. Certification – We were certified after a 3 day auditing process which included staff interviews, monitoring of working practices and reviews of documents