25th April 2018
As of today, we are delighted to announce that we are Cyber Essentials Plus accredited.
Within Staff Squared, we have always taken data security and privacy extremely seriously, and believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. Our customers trust us with their data and so in return, it’s fair and right that we take necessary precautions to protect their data in every way possible.
To ensure that we had a strong foundation of security awareness in 2017, we obtained the Cyber Essentials accreditation. The accreditation costs £300 and is accomplished by carrying out an internal audit of our systems to ensure that as a business we adhere to various security best practices.
Staff Squared’s management team decided this year that in light of the upcoming GDPR changes and, in particular, given the data we store in our HR software, it is important that we double down on this focus on security and obtain both the Cyber Essentials Plus accreditation and the ISO 27001. This is to further embed a culture of data security awareness in the people that work at Staff Squared.
Cyber Essentials Plus is a step on from the basic Cyber Essentials in that an independent assessor visits our offices to verify that the specific security measures we state we have in place genuinely safeguard us from common cyber security vulnerabilities.
How we meet the Cyber Essentials Standard
Cyber Essentials is a UK Government-backed scheme that is designed to help organisations of any size protect themselves against a range of the most common cyber attacks.
Their approach to security, and the regulations surrounding this, has meant that we’ve had to make some changes to the way we work in order to comply with this specification.
Most of these changes are internal and, as a customer, you won’t see any obvious changes to your Staff Squared account.
We were comforted when the independent assessor visited us on site and informed us that our setup was one of the best he had encountered. However, there’s always room for improvement and we made a number of minor changes to the way we work to make the computers we work on even more secure.
In addition to changes to each individual computer, our firewalls were penetration tested on the day to ensure that they were not vulnerable to attack.
Finally, we made a number of changes to the manner in which we hold and process data, which is part of a culture of change that we’re already adopting for the ISO 27001 standard we are currently working to achieve.
This means that, along with the new GDPR changes, our customers’ data is now safer than ever.
Clarisse works on our Customer Care Team to provide all of our customers with the very best care and guidance when using their HR software.