Amwell specialises in Cyber Security and Information Assurance for small to medium sizes enterprises (SMEs). As an SME, you understand that security is vital to the health, and even survival, of your business. However, information security is not your core business so you may not have the capabilities in-house to handle the various aspects.At Amwell, we aim to partner with you to guide you through the complex landscape of risk assessment, threat identification, mitigation, and incident response. We can work with you to over time to turn security from a concern into a selling point for your business.
Almost all small businesses now make use of the internet in their day-to-day work (eg online banking, outsourced payroll, even just email to communicate with suppliers and customers). Some SMEs take this further and use the internet as a critical component of their service or the delivery of their service (eg businesses which take orders from their website).This use of the internet is beneficial in many ways but carries with it the risk of an internet-borne attack. For many businesses, a focus on internet-borne attacks provides an excellent first step to improved security. The UK government has created the Cyber Essentials scheme as an entry-level standard against which companies can be measured, and if compliant, certified. This certification proves to your customers that you take security seriously and that your business meets the requirements laid down by the UK government. Cyber Essentials certification is also mandatory for many contracts with government departments.Amwell can guide you through the process to become compliant with Cyber Essentials and gain certification.
Information assurance goes beyond Cyber Security and looks at information as a critical asset of your business which needs to be protected against threats to its confidentiality, integrity and availability. As well as the technical threats addressed by cyber security, information assurance looks at how to identify your information assets, protect them appropriately, detect any attacks/leaks and respond to them efficiently.
The most prominent and internationally recognised standard for information assurance is ISO 27001, which is used by many large organisations around the world. However, research has shown that smaller companies perceive the time and effort to achieve and maintain ISO 27001 certification to be too onerous.
IASME (Information Assurance for Small to Medium-sized Enterprises) is an information assurance framework which provides smaller companies an option which is more appropriate to their size and complexity. IASME is based on international standards and EU guidance and is simple, quick and cost-effective to implement. Certified IASME compliance can be used to demonstrate to your customers that you have taken the next step in assuring your business and its information assets.
Amwell can guide you through the process to become compliant with IASME and gain certification.
Securing your business
At Amwell we understand that information security is not your core business. Depending on your company size, you may have few or even no information security specialists in-house. This can make it challenging to maintain your defences against potential attacks and consequent security breaches.
At Amwell, we take an agile approach to your information security needs – always focusing on the actions which will give you the best return (in terms of increased security) on your investment. We are able to do this because we can combine our understanding of the information security landscape and our many years experience managing IT projects with agile methodologies such as XP and Scrum within highly-regulated industries like banking and asset management.
We aim to turn information security from a concern into an asset and selling point for your business. We do this by working with you to gain certifications for your business which demonstrate to your customers and the public that you take security seriously.
Amwell has a thorough understanding of both Cyber Essentials and IASME certifications. We can work with you to identify gaps between your current security arrangements and the requirements of the relevant certification. We can then recommend the most cost-effective way to bridge those gaps to achieve the certification.
Amwell is also a Certifying Body for both Cyber Essentials and IASME. This means that when you are ready to apply for certification, we are authorised by the relevant authorities to review your submissions and issue certificates of compliance if appropriate.
26 Bridge Road EastWelwyn Garden CityHertfordshireAL7 1HL
© Amwell Solutions Ltd 2018