Support Revolution is now Cyber Essentials (CE) certified. This is a UK based certification that shows how seriously we take our own security and the security of all of our customers. Combined with our other certifications and our modern approach to ERP security, we offer our customers a superior service compared to other alternatives in the market.
“We’re happy to add the Cyber Essentials certification to our list of security qualifications along with ISO27001. We (at Support Revolution) take security seriously because we understand it’s not just ourselves we are defending, but all of our customers and their data too. This certification is a great addition that shows how we defend our organisation at every level, ensuring we follow the best practices set at both industry and government levels.”Kiran Gorajala, CIO for Support Revolution
What is Cyber Essentials (CE)?
CE is a UK government-backed scheme created by the National Cyber Security Centre (NCSC). Its goal is to provide guidance to organisations on how to protect against cyber-attacks and provides certifications to organisations that follow its guidelines.
The CE scheme and certification is built around 5 core pillars which it sets criteria against:
- Secure your Internet connection
- Secure your devices and software
- Control access to your data and services
- Protect from viruses and other malware
- Keep your devices and software up to date
While these may seem basic, many organisations do not have solid policies in place around these areas, effectively leaving the front door unlocked to their systems. What’s worse, while your organisation may have its security in hand, your partner organisations may not, undoing all of your hard work!
This is why we pride ourselves on our approach to security, as we keep your organisation safe, and not acting as an unwitting backdoor to your data…
What difference does this make to our customers?
The CE certification demonstrates the strength of the standard security processes that we already follow. From automatic and time-sensitive device and software updates to physically and digitally securing all of our devices, we ensure that our data remains safe – so yours does too.
But that isn’t all. CE certifies the strength of our internal security and processes, but we do a lot more to ensure our customer’s data and systems remain safe and maintain up to date security.
Oracle and SAP have often repeated that third-party support is an unsafe alternative compared to vendor support, even stating that third parties cannot provide security patches. This is untrue.
SAP only provides security updates once per month, while Oracle only supplies patches (unless it’s a critical issue) every three months. If you add this time to the data from IBM that shows it takes an average of 279 days for an organisation to identify and contain a security flaw – and you begin to realise just how unprotected many organisations really are.
Compare this to the service Support Revolution provides, where we can provide a virtual patch to your organisation within hours, and you can already see the stark difference between service levels.
This is just one of the reasons why many government organisations and financial institutions across the world trust Support Revolution to provide not only business as usual support but also their security patching for their ERP software.
How else Support Revolution protects its customers
But that’s not all, while our CE certification shows how we follow best practice, Support Revolution ensures it provides the highest tiers of security by focusing on three core areas:
- People: All of our staff are subject to detailed security checks before they join Support Revolution. For those customers with their own stringent security requirements, we work closely in partnership with them to allocate dedicated teams and have individuals in those teams cleared as if they were members of the customers’ own team to provide complete peace of mind.
- Processes: On top of our CE certification, our internal processes follow ITIL and are both ISO9001 and ISO27001 certified. The ISO9001 certification demonstrates our firm commitment to quality management principles, while our ISO27001 certification shows how we follow a systematic approach for managing sensitive company information so that it remains secure.
- Technology: We are constantly developing our security portfolio and implementing new innovations, but one example is our use of Trend Micro Deep Security to provide our customers with virtual patches. With this, we can protect our customers from newly discovered vulnerabilities in a matter of hours, with no system downtime required as we protect at a server level.