Get in touch today: 0800 133 7948 or Email us
Talk to an expert: hello@atlascode.com

Atlas is now CyberEssentials and Crown Commercial Service Supplier accredited

Posted on: March 29th, 2017 by Simon Swords

We’re delighted to announce that we are both a Crown Commercial Service Supplier and Cyber Essentials Accredited.

Why has Atlas done this?

Let’s break it down and give you some background. In addition to building websites for our lovely customers we also build, manage and sell a range of online software products. In October last year we were subject to a vicious DDOS attack from some unfriendly Russians.

A DDOS attack does not compromise customer data; instead it uses brute force to physically block our servers from accessing the Internet. As far as our customers were concerned all of our sales and product websites were offline. This is bad for business on a number of levels, not least of which is customer confidence in the event that the sites are down for a length of time. The attackers are all too aware of this, and sent the following ransom:

A good analogy here is to imagine you want to get in to your favourite shop, let’s say Waitrose. You turn up with your credit card warmed up ready to go, only to find a bunch of people arrived there before you and they’re blocking all of the entrances to the store. Nobody can get in, and equally nobody can get out. If Waitrose hadn’t stopped their free coffee offer you would be supremely miffed.

So we had bullies in our doorway “shop entrances” and they wanted to be paid to go away, in Bitcoin preferably, as that’s untraceable. Like all bullies, in paying them off there was every chance you’ll be popped on to the ‘soft target’ list, so we opted to bite down and suffer the downtime while we found a technical solution to their attack.

We did ultimately defeat the attack and reconfigured our hosting arrangement so that we’re infinitely less vulnerable to any future attacks. In addition and as part of this process we sought out ways in which we could publicly demonstrate to both existing and potential customers that we take the security of our services seriously, and this is when we discovered the CyberEssentials accreditation.

So what are the benefits of Cyber Essentials?

The five key controls of the Cyber Essentials scheme are:

CyberEssentials’ strength lies in its focus and simplicity. Unlike other more expensive and complicated accreditations such as ISO:27001, CyberEssentials deems that the above pillars of Atlas’ security policy are mandatory. The accreditation process provides us with comprehensive yet focussed checklists to work through. Upon satisfying our accreditation partner that we had completed the steps in each checklist we were then independently signed off.

The government created this scheme because they understand that doing business online is now the norm. Indeed Digital Economy Minister Ed Vaizey said:

“Trust and confidence in UK online security is crucial for consumers, businesses and investors. We want to make the UK the safest place in the world to do business online and Cyber Essentials is a great and simple way firms can protect themselves.”

What Ed is trying to say in his government speak is that most small and medium businesses could do more to protect their systems and websites from cyber attack, and CyberEssentials is a huge help in that regard.

Handily, it also provides us with access to cheaper insurance, which shows that the insurance companies take this accreditation very seriously too. We can’t remember the last time our insurance premiums reduced!

Cyber Essentials also opens up the door to doing business with government

As if all of the above wasn’t good enough reason to obtain a CyberEssentials accreditation, it was also a key part of our strategy in 2017 to do more business with local government.

The UK Government has set targets to ensure that 33% of business undertaken by national and local government is spent with SMEs by 2020. That’s a huge amount of opportunity but in order to gain access to it the government wants reassurances that businesses tendering take security seriously – and, you guessed it, that’s where CyberEssentials comes in to play. CyberEssentials is often included as a pre-requisite for any tender and rightly so.

We pitched to be a part of the cohort that gained approval as Digital Outcomes and Specialists 2 and this was approved in February 2017. We now have the security accreditation and the access to the opportunities that accreditation offers us. A real win win for SMEs and something we would recommend any digital services provider seriously considers.

Simon Swords

Simon Swords

Director

Managing Director

Want to stay up to date with the latest software news, advice and technical tips?

Loading
;