...
System Operations & Network Security | |
Use of Antivirus and Patch management |
|
Control of installation of unauthorised applications | ✔ Managed by our hosting partner We also have an internal policy |
Operational Procedures (config/installation and operation of systems hosting data) | Managed by our hosting partner |
Do you have a Security Information and Event Management (SIEM) for event correlation and analysis? | Managed by our hosting partner |
Security Monitoring | All of our platforms are monitored by our hosting partner to ensure no unwanted activity and also to check all systems are performing correctly. We also do our own separate security monitoring. We have also signed up to the NCSC Early Warning Service Early Warning - NCSC.GOV.UK |
Do you utilise Firewalls and Intrusion Detection System/Identity Provider (IDS/IdP)? | ✔ |
Do you use Encryption? | ✔ All traffic is secured by TLS, all disks are encrypted |
Do you have Annual PEN Testing | ✔ |
Are your firewall rules monitored and reviewed on an annual basis as part of your CE assessment? | ✔ |
Is there monitoring of Capacity/Scalability within your technology and infrastructure? | ✔ EPAPro has 99.9 percent availability. Annual Performance Test |
...