Cyber Essentials Certified

To celebrate SmartestEnergy’s Cyber Essentials Certification, Vice-President for IT and Change, Sophie Taylor outlines what the accreditation means and how we’re taking steps to improve customer protection.

As of May 2019, we became officially certified under the National Cyber Security Centre’s Cyber Essentials Scheme. This Government backed program sets out standards for our internal processes and data protection to ensure that we are looking after our customer’s important information.

The Cyber Essentials scheme helps organisations to protect the confidentiality, integrity and availability of data stored on devices which connect to the Internet. Such devices can include desktop and laptop PCs; tablets and smartphones; and all types of server and networking equipment.

Following the certification process, SmartestEnergy has been deemed to have sufficient processes to protect against the most common types of internet threats, namely;

• Hacking — which involves targeting known vulnerabilities in devices with an internet connection;

• Phishing (amongst other methods) — of tricking people into installing or running malicious applications;

• Password guessing — be it manual or automated efforts to log on from the Internet.

To achieve the accreditation, SmartestEnergy had to document that the technology, policies and processes were in place to protect data on internet-connected devices.

Once this was reviewed and approved, the certification body also carried out a penetration test, to ensure that data couldn’t be obtained through the methods outlined above.

We’re proud to be the first of Marubeni’s UK businesses to achieve the Cyber Essentials Certification, but we don’t intend to rest on our laurels either. We continually review and assess our internal processes to make our online defences the best they can be, so you can feel safe sharing your data with us.

To find out more about the scheme, follow this link.