Cyber Essentials Plus
As a cyber security vendor, and an advocate for a Secure by Design approach to developing products and services, we believe that validation by independent third parties is an important process, and one that generates many benefits, not just for ourselves but our customers too. We are committed to continually improving our internal processes to ensure that they are of the highest quality and stand up to external scrutiny. We are therefore delighted to announce that we have now achieved Cyber Essentials Plus certification for our whole organisation.
Cyber Essentials is a government backed scheme that helps organisations to protect themselves from a whole range of cyber attacks. There are two levels of certification:
Cyber Essentials, which is a self assessment framework (which we’ve held since 2017)
Cyber Essentials Plus, the higher level of certification which includes additional external technical verification.
More details here: https://www.ncsc.gov.uk/cyberessentials/overview.
We undertook this extra level of certification to provide additional peace of mind to our customers that our internal standards of cyber security comply with industry best practice. In submitting to a thorough and rigorous external verification, we also received feedback, which is a highly valuable part of the process.
Cyber Essentials Plus (CE+) certification is completed annually, and as such, demonstrates our continual commitment to ensure our processes are constantly evolving and improving. CE+ complements our ISO27001 certification – a proven methodology for ensuring processes are security focused – achieved in March 2021.
Secure by Default is in our DNA
At Armour, Secure by Design and Secure by Default principles are in our very DNA. We’ve been working with the NCSC for many years to ensure that our products conform to the appropriate industry standards, and are designed with the end user in mind. If a security product isn’t easy to use, then it isn’t a security product (because the end user will simply find something that is easy to use instead).
Cyber Essentials Plus is the latest milestone in our mission to demonstrate that we practice what we preach – our internal processes have been validated as cyber secure. This focus on external certification fosters a cyber-aware environment for our employees so that they are able to deliver great products that are Secure by Design, directly address the real-world challenges of secure communications, and that people enjoy using.
For more about Secure by Default, Secure by Design and the NCSC’s Principles Based Assurance read our blog: The Future of Technical Assurance