At Eploy, Information Security for our business and our customer's data is at the heart of everything we do. We have implemented a comprehensive Information Security policy and governance framework which has been certified to the IASME Governance Standard and Cyber Essentials.
IASME Governance Standard
The IASME Governance standard, based on international best practice, is risk-based and includes aspects such as physical security, staff awareness, and data backup. The IASME standard was recently recognised as the best cyber security standard for small companies by the UK Government when in consultation with trade associations and industry groups. Find out more about the IASME Governance Standard here.
Cyber Essentials Plus
IASME is one of just four companies appointed as Accreditation Bodies for assessing and certifying against the Government's Cyber Essentials Scheme. The Scheme focuses on the five most important technical security controls. These controls were identified by the government as those that, if they had been in place, would have stopped the majority of the successful cyber attacks over the last few years. Eploy has been audited to the Cyber Essentials Plus standard. Find out more about Cyber Essentials here
Audited by Netcraft
Eploy is audited by Netcraft on a rolling quarterly basis. This involves Netcraft testing our internet infrastructure and supplies us with the information we need to maintain your security and eliminate vulnerabilities. The service provides Eploy with a dynamically generated seal which audits that no serious vulnerabilities were found. This gives our users and customers the confidence that we are proactive about security, and the assurance that our services are scanned regularly.
What does Audited by Netcraft mean?
A great many sites now display a seal from the provider of their SSL certificate. However, using SSL simply ensures that the traffic between the browser and the site is encrypted – it says nothing about the security of the site itself, or the configuration of your servers.
Audited by Netcraft shows our customers that we are actively maintaining our network security and protecting our systems and infrastructure from remote attacks. The “Audited by Netcraft” seal is served dynamically and shows the date of the last test in which no serious vulnerabilities that could permit remote compromise were detected. As Netcraft updates its scanning suite each day, adding new tests for the latest security exploits as they are discovered, you can be confident in the security of a site that is ‘Audited by Netcraft’.
How it Works
Netcraft test our network address space to determine which machines and services are available to the internet.
The tests include a full TCP and UDP port scan to identify available services on each responding host. Each service is tested for information leaks, configuration errors and potential vulnerabilities. Netcraft’s database of vulnerabilities contains the collective experience gained from testing thousands of networks, using both public security advisories and our own research. It is continually updated, with over 250 new classes of vulnerability added each year.
Learn more about Audited with Netcraft here...
Hellios Stage 2 FSQS
Eploy has achieved the Hellios Stage 2 Financial Services Supplier Qualification (FSQS), which is used by major Banks and Financial Services Organisations when selecting suppliers.
FSQS is designed to improve the standard of suppliers through a common set of policy and risk areas including IT Security, Operational Risks, GDPR and Responsible Business Governance which are regularly reviewed and updated to stay ahead of regulatory changes. Read more about the qualification here