Support Revolution is now Cyber Essentials certified. This is a UK based certification that shows how seriously we take our own security and the security of all of our customers. Combined with our other certifications and our modern approach to ERP security, we offer our customers a safer service compared to other alternatives in the market.
“We’re happy to add the Cyber Essentials certification to our list of security qualifications along with ISO27001. We (at Support Revolution) take security seriously because we understand it’s not just ourselves we are defending, but all of our customers and their data too. This certification is a great addition that shows how we defend our organisation at every level, ensuring we follow the best practices set at both industry and government levels.”Kiran Gorajala, CIO for Support Revolution
What is Cyber Essentials (CE)?
CE is a UK a scheme that is backed by the government, created by the National Cyber Security Centre (NCSC). Its goal is to provide guidance to organisations on how to protect against cyber-attacks. It also aims to provide certifications to organisations that follow its guidelines.
The CE scheme and certification is built around five core pillars which it sets criteria against:
- Secure your Internet connection
- Secure your devices and software
- Control access to your data and services
- Protect from viruses and other malware
- Keep your devices and software up to date
While these may seem basic, many organisations do not have solid policies in place around these areas. This leaves the front door open to their systems. What’s worse, while your organisation may have its security in hand, your partner organisations may not, undoing all of your hard work!
This is why we pride ourselves on our approach to security. We keep your organisation safe, and don’t act as an unwitting backdoor to your data…
What difference does this make to our customers?
Being Cyber Essentials Certified demonstrates the strength of the standard security processes that we already follow. From automatic and time-sensitive device and software updates to physically and digitally securing all of our devices, we ensure that our data remains safe – so yours does too.
But that isn’t all. CE certifies the strength of our internal security and processes. However, we do a lot more to ensure our customer’s data and systems remain safe and maintain up to date security.
Busting Oracle and SAP’s myth
Oracle and SAP have often repeated that third-party support is an unsafe option compared to vendor support. Even stating that third parties cannot provide security patches. This is simply not true.
SAP only gives security updates once per month. Oracle only supplies patches (unless it’s a critical issue) every three months. Now add this time to the data from IBM that shows it takes an average of 279 days for an organisation to identify and contain a security flaw. You begin to realise just how unprotected ERP vendors leave you.
Compare this to the service Support Revolution provides, where we can provide a virtual patch to your organisation within hours. You can already see the stark difference between service levels.
This is just one of the reasons why many government and financial institutions across the world trust Support Revolution to provide not only business as usual support but also security patching for their ERP software.
How else Support Revolution protects its customers
But that’s not all. While our CE certification shows how we follow best practice, Support Revolution ensures it provides the highest tiers of security by focusing on three core areas.
- People: All of our staff are subject to detailed security checks before they join Support Revolution. For those customers with their own stringent security measures, we work closely with them to allocate dedicated teams. We have individuals in those teams cleared as if they were members of the customers’ own team. This ensures complete peace of mind.
- Processes: On top of our CE certification, our internal processes follow ITIL and are both ISO9001 and ISO27001 certified. The ISO9001 certification demonstrates our firm commitment to quality management principles. Our ISO27001 certification shows how we follow a systematic approach for managing sensitive company information.
- Technology: We are constantly developing our security portfolio and implementing new innovations. One example is our use of Trend Micro Deep Security to provide customers with virtual patches. With this, we can protect our customers from newly discovered vulnerabilities in a matter of hours. No system downtime is required as we protect at a server level.