It's one thing to be secure; it's another thing to prove it.
We have combined our IT Assurance expertise to create a
unique, market-leading Certification Programme.
The 365 Secure certification helps our clients to increase revenues, improve security and mitigate the risks of data breaches. It can be incorporated into your web site, sales collateral and marketing material to provide proof to your customers, business partners & auditors that you are taking serious, proactive measures to ensure the ongoing security of their information.
As the 365 Secure certification programme is managed, authorised and monitored by Europe's leading provider of independent security advisory & testing services, you and your clients can be fully confident in the integrity and value of the certification.
The certification leverages NCC Group's industry leading skills in IT Security Testing, Monitoring and Consultancy, providing an independently monitored programme.
How it works
Based on leading security testing methodologies and industry best practice standards, the programme has three key requirements:
The Technical Security Assessment takes the form of manual application and infrastructure security and penetration testing. Once remediation and a retest has taken place provisional certification will be issued and the certification support programme will be instigated.
Once enrolled into Minerva our Managed Security Monitoring Service (MSMS), your infrastructure will be monitored for any changes and new vulnerabilities. If any changes are found you will be alerted so that relevant immediate remediation can be carried out, therefore reducing the risk of breach.
As part of the Information Security Review, your security policies and procedures in conjunction with physical, technical and personal security will be reviewed against industry best practice standards, such as the Data Protection Act, ISO 27001, SAS 70 and others, as relevant. Following initial remediation, full 365 Secure certification will be issued.
Certification Support Programme
The support programme is available to all organisations that have achieved, at minimum, provisional 365 Secure certification. It is designed to provide significant added value and assist in helping promote the organisation's proven best practice.
The support programme encompasses the following areas:
- Web partnership: We will provide a certification mark for your web site and an associated "click through" page, describing the programme and promoting the enhanced security measures being taken
- Marketing material: We will work with you to promote your certification with co-branded marketing collateral, development of case studies, quotes and other certifi cation information for internal and external communication
- Sales support: We offer sales support to help you sell the benefits of your certification and explain the best practice standards behind it
Key benefits include:
- A visible and tangible way of displaying to customers, business partners and auditors that you are taking proactive measures to ensure the security of their data
- Retention of clients and increased sales through a better marketing and sales campaign highlighting the extensive security measures being taken
- Independence - The assurance that we give is truly independent and you can be confi dent in the integrity of our results
- Improved security of key applications and infrastructure
- Potential reduction in Total Cost of Ownership (TCO) of security through outsourced vulnerability monitoring
- Peace of mind - You can focus on your core business, safe in the knowledge that the security, availability and performance of web site(s) and key application(s) is being monitored on your behalf. You will only be alerted when you have a potential problem
- Improved response times to potential security breaches through proactive, immediate notifi cation of critical vulnerabilities and advice on remediation
- Cost effectiveness - By bringing together the vital areas of information security, availability and web site performance assurance as a single managed service, we are able to ensure that the return on your investment is maximised.
Our Accreditations
- We are accredited by the Payment Card Industry as a Qualified Security Assessor (QSA) and as a PCI Approved Scanning Vendor (ASV)
- We have in-house consultants with both CESG CLAS and CESG CHECK ‘Green’ accreditation for information and IT security
- We employ qualified ISO 27001 and BS 25999 lead auditors and implementers
- We are accredited to the ISO9001:2000 Quality Management Standard
Call +44 (0)161 209 5288 today for more information.