Data is the greatest treasure our clients trust us, and this business-critical information must be processed and stored with extra care. Since 2018, we have been using the Cyber Essentials certification process to ensure good cybersecurity practices and improve internal security policies. And since 2019, on top of the regular self-assessment, we choose to take the extra steps towards Cyber Essentials+ level security, which benefits our clients and our team.
“Cyberattacks, especially ransomware related news, are becoming more and more common. The damage can take out entire companies for weeks and leave a tremendous impact on their performance. That constantly reminds us – we should never let our guard down.”
What is the Cyber Essentials+ all about?
Cyber Essentials is a UK government scheme encouraging businesses and organisations to adopt good practices in information security. The Plus level certification has the exact requirements as the standard version, except it also includes a hands-on technical verification by an external auditor.
What does it mean for our clients?
The plus level certification gives our clients the confidence that Wunder takes information security seriously and shows that we’re backing up our commitments by inviting external auditors to review our processes.
“Our security baseline is strong and is getting better every year, thus assuring our clients their digital solutions will not get hit by random "drive-by" attacks on the internet. If our employee loses a device by accident, the information will remain inaccessible to anyone outside our company. And each phishing attempt, aiming to gain knowledge about our customers, will be met with suspicion and reported to the relevant parties inside our company.”
What does it mean for our team?
We do not just want to get the certification stamp but are instead ready to refine our internal security policies and documentation during the process. For our team members, the certification gives the assurance that their day-to-day work is up to standard.
We do not expect every team member to be a security expert on their own. Our employees are familiar with cybersecurity-related topics, and they also will, in part, bring that knowledge into the project development.