Olive Communications has been awarded the government backed Cyber Essentials accreditation; certifying our ongoing commitment to securing our systems and data.
The Cyber Essentials scheme identifies some fundamental security controls that organisations should have in place to secure themselves against common cyber threats. Olive was awarded our Cyber Essentials accreditation following a rigorous independent evaluation of our systems by Sec-1. As a managed cloud services provider, we have demonstrated our adherence to national best practice standards in five key cyber security controls:
- Ensuring secure access to networks.
- Configuring systems to minimise vulnerability to cyber attack.
- Restricting access to data and services to selected authorised users only.
- Ensuring all applications are equipped with the latest security updates.
- Maintaining up-to-date virus and malware protection.
Cyber Essentials is just one of the security related certifications Olive have gained. In 2018, we achieved in meeting requirements for ISO 27001, 9001, 14001, and OHSAS 18001; providing us with validation of quality, safety and efficiency, for ourselves, customers and suppliers.
5 simple steps to mitigate your business' cyber security risk:
As a starting point, it's worthwhile for businesses to benchmark where their existing site and system security currently ranks. You may start by checking; is your site protected? Are your firewalls up to date? Are your systems secure?
As water-tight as you think your cyber-security operation may be, it only takes a small trickle for your business to become vulnerable. As the old saying goes - a chain is only as strong as it's weakest link.
The same certainly applies to cyber security, it only takes one small leak for hackers to compromise sensitive information and for a breach to occur. To minimise risk, start off with a solid cyber security policy which all staff need to adhere to. From there, look at developing a rigorous training programme which covers the grounds of:
- Social engineering, phishing emails
- The importance of encrypting files
- Device security
- Multi-factor authentication
- Threat reaction plans
Remember to keep both your training and your cybersecurity regularly updated with shifts in threats and modern working.
We've all heard the rules, 1 capital letter, 1 numerical and a minimum amount of characters. Whilst many would consider this resilient enough to deter hackers from guessing their chosen password, this isn't the case. In fact, the National Cyber Security Centre found that 23.2 million victim accounts had 123456 as their password.
Business' need to be proactive in informing their staff on creating a secure and more sophisticated password, as well as understanding why it's important to do so. It's also worth administrator's setting up policies for password resets on a regular basis in order to minimise the likelihood of obvious/repeated passwords.
4. Limit Access
Access control means ensuring users have both the authorisation and authentication to access certain files, systems, files, etc. By providing staff with rights to to only the software, settings, data, etc. that is required to perform their specific role, the likelihood of an admin account being hacked is significantly reduced, thus reducing a greater impact to the business. Implementing additional layers of access (i.e. factor authentication, encryption, etc.) strengthens the security of any sensitive data/files/systems from hackers who typically are only able hack in to one element of authentication.
What's more, by digitalising this process, administrator's are able to access an audit trail of what files have been accessed by who and when.
5. Back. It. Up.
Even the most secure environments need a back up plan (literally). Whilst back ups won't proactively secure your environment, they're the only surefire way to recover your business critical data and files in the event of a worst case scenario. There are plenty of options available it comes to taking back ups, so make sure you pick an option that works best for your organisation, and how quickly you'll need to restore files.
These are just a few starting blocks to help secure your environment for both your customers and your business. Olive offer a wide range of products and services which could not only secure your environment, but also help establish a business continuity programme in the event of a worst-case-scenario. To find out how we can help, book in your 'art of the possible' session here.