Blog

category filters go here

RedMosquito and ISO 27001

RedMosquito achieved the IEC/ISO 27001 Information Security standard in 2018.  This month we are proud to have passed our first annual external audit for the standard. Achieving this globally recognised information security standard last year was a milestone for the company.  Against the backdrop of the introduction of GDPR and perpetually evolving cyber security threats, we worked hard to put a robust Information Security Management System in place to achieve certification.  As a provider of IT Support and IT Security services to SMEs in Glasgow, Edinburgh and throughout the UK,  we believe it is vital we can demonstrate we operate first class information security policies.

ISO 27001 is based on a risk assessment model.  The company works to identify information security risks and puts controls in place to mitigate them as far as possible.  The standard requires a commitment to ongoing improvement and a programme of internal and external audits.  Working towards this certification is a big commitment for any company.  If you would like to explore whether this certification is a good fit for your business, our Technical Consultants can help you assess which information security or cyber security standards works best for you.  In addition to the ISO 27001, there are some additional certifications you may consider exploring:

New ISO – privacy information management

The introduction of GDPR required controllers and processors of personal data to implement “appropriate technical and organisational measures to secure data”.  The ISO/IEC bodies have reacted to this by introducing a new standard within the ISO 27000 information security suite of standards – ISO/IEC 27701 on privacy information management.   Although not aligning to any specific data protection regime it instead aims to help organisations conform to several privacy regimes.  This international standard could be a useful way of demonstrating to customers and other stakeholder that their data is safe.

Cyber Essentials 

For businesses who cannot take on the commitment an ISO demands then the Cyber Essentials scheme can be a useful certification.   Our articles here give a good overview this scheme.  RedMosquito have this certification in place and are SBRC ACE Practitioners.     This means they have been externally verified as being able to support customers towards their Cyber Essentials certification.

If you would like to have a chat about any of these standards and whether they are a fit for your business, then contact our team today.

RedMosquito provides IT Support and IT Security Services to SMEs in Glasgow, Edinburgh and throughout Scotland. 

 

Introducing MyGlue – our password management tool

Storing passwords on a post-it note stuck to your screen is never a good idea! Yet, if you allow your employees to make their own decisions on how they remember corporate passwords – then can you really be sure this isn’t happening within your workplace?! Bad habits around password management can create security risks and […]

Insider Threat Detection

One of the National Cyber Security Centre’s recent Weekly Threat Reports details the damage inflicted on a PPE company by a disgruntled ex-employee.  Interestingly, the departing Vice President managed to embark on his campaign of destruction even though the employer had followed good IT protocols for dealing with leavers. The employer had revoked the employees […]

microsoft logo windows 2008

SharePoint or OneDrive for Business?

As one of Glasgow’s key Microsoft partners, we are often asked to advise our IT Support customers on which Microsoft business platform best meets their need. SharePoint and OneDrive are a common example of this, with similar (but not the same) features, it can be difficult for SMEs to know which is the best fit. […]