Case Study | How can we achieve Cyber Essentials and ISO27001 accreditations?
As a business working within the complexities of the NHS supply chain, a long-term client came under pressure to step up their cyber security defences and to prove it by achieving two nationally recognised certifications: Cyber Essentials and ISO:27001.
To continue working within the healthcare sector and to meet new tender requirements for the NHS supply chain, this business had to comply with the government's flagship cybersecurity programme, Cyber Essentials, while also achieving the further-reaching ISO:27001 standard. Both of these standards can be considered fundamental for organisations operating within particularly sensitive industry sectors where legislative regulations are prevalent.
The Customer at a Glance
(The client's identity will remain anonymous for confidentiality.) This long-serving client manufactures medical supplies for the NHS supply chain, ensuring quality and efficiency to maintain a steady source of supplies.
Industry - Manufacturing Industry
Sector - Medical Supplies
Size - 40 Staff Members
Location - Cambridgeshire, United Kingdom
Having been a client for many years, Onebyte was more than happy to help with a challenge faced by a growing number of businesses in this digital age. We were well positioned to provide strategically aligned and compliance-driven consultative support and managed security services to overcome this challenge, leaning on our industry insight, experience and knowledge.
We provided comprehensive consultancy, support and professional technical services to:
a. Provide a gap analysis of the current defences, policies and procedures against the individual requirements of Cyber Essentials and ISO:27001
b. Implement best practice policies, procedures and system changes to ensure a comprehensive defence against cyber threats, while also meeting the requirements of the standards
c. Deploy new technologies to replace existing lower-grade technical cyber security defences, such as a firewall, malware protection and email filtering
d. Support the documentation process to apply for and secure both Cyber Essentials and ISO:27001 accreditations
e. Provide ongoing support, maintenance and advice for the upkeep of said accreditations.
Our process commenced with a full, in-depth audit of the network, server and security infrastructure, alongside gaining a deeper understanding of the working practices within the organisation.
The technical and commercial audits allowed us to present a solution that would not only increase security but also be workable for the business, with some best practice recommendations altering the current IT infrastructure, configuration and usage.
The technical implementation steps required us to supply a modern firewall appliance to better secure the network, which was configured to current best practice standards. The network and computer systems also had to undergo some re-configuration, alongside a re-structuring of the access permissions and password management that were in place.
Following the implementation, we documented the steps and processes to ease the certification process for both Cyber Essentials and ISO27001.
The business is now more secure and compliant, protecting their valuable data and operations against an ever-growing cyber threat, while ensuring their position remains secure as a key supplier in the NHS community.
The business is now able to rely upon:
- Cyber Essentials Certification
- ISO27001 Certification
- Strong and comprehensive cyber defences and procedures
"Onebyte made this entire process simple and extremely efficient. With the rules and regulations knocking on our front door, we were in need of a helping hand to be compliant and secure our revenue for the future. Onebyte helped us do just that."
At Onebyte we build professional relationships that last, providing an excellent service to build and advance your business within your requirements and budget. We work with many sectors, including those with a regulatory burden such as financial services and healthcare.
Onebyte is an IT service provider that specialises in providing strategically aligned, compliance-driven, managed IT services to SMEs in London, Norfolk, Suffolk, Essex and Cambridgeshire.
This different approach to managing information and technology is guaranteed to find and eliminate risk, increase efficiency and empower our clients' businesses to leverage technology, providing a real return on the investment they make in their IT and helping them realise their vision.