According to various media reports, a ‘category one’ cyber-attack will happen “sometime in the next few years” says a director of the National Cyber Security Centre (NCSC).

– Major cyber-attack on its way
– Businesses need to change the way they think about cyber security
– A switch to risk management and understanding the impact of data loss is vital
– Investing in digital security products should be secondary to a tailored strategy

The NCSC reports to Government Communications Headquarters (GCHQ) and holds responsibility for safeguarding the information security of the UK. It was founded in 2016 to provide advice and support for the public and private sectors in how to avoid digital security threats.

Since its launch, NCSC has dealt with 500 incidents incorporating 470 category three and 30 category two including the WannaCry ransomware attack that crippled the NHS and other organisations in 2017. A category one incident – the most serious and the only one that would require a government response – is yet to occur, but is said to be on its way in the next few years.

Time for change: a new approach to cyber security is needed

Dr Ian Levy is technical director of the NCSC. He believes that businesses, and governments, need to change the way they approach cyber security. Dr Levy says that rather than obsessing about buying the right security products, organisations should instead focus on managing risk; understanding the data they hold, the value it has and how much damage could result should it be lost.

Dr Levy’s advice was issued in the wake of a major cyber breach at US data broker Equifax which resulted in the loss of more than 130 million personal records of American citizens. The data stolen included names, addresses, dates of birth and social security numbers; basically everything required to steal a person’s identity. The attack also saw 400,000 British residents affected and, whilst the information stolen was less personal (names, dates of birth, email addresses and telephone numbers), it still represented a very serious breach.

The words of Dr Levy cast a very worrying cloud over the state of the nation’s security infrastructure, particularly as he has stated that it will take a category one incident in order for changes to be adopted, because only an attack of that seriousness would call for a government inquiry or independent investigation.

“Then what will really come out is that it was entirely preventable… It will turn out that the organisation that has been breached didn’t really understand what data they had, what value it had or the impact it could have outside that organisation,” said Dr Levy.

How to prevent a catastrophic cyber security breach affecting your organisation?

Dr Levy recommends that organisations looking to avoid being affected by a major security breach should turn their attention to looking at what could actually happen.

So, instead of purchasing off-the-shelf remedies that have not been designed for the very people who work at the core of the business and handle sensitive data on a daily basis, rather for the technical personnel that control the IT, companies should look towards their workforce when planning their cyber security solutions.

Understanding what could potentially happen should the particular data held get into the wrong hands is the place to start. Following this, an assessment must be made of the impact the loss of such data would have across the organisation and of course, those whose data had been stolen. Lastly, an education programme for every member of the organisation who is likely to come into contact with the data is essential.

If organisations – and this means their entire workforces -do not understand the value of the data they hold and the potential damage that could result from a breach, there is no point investing in protective software or technical solutions. In any case, a security solution must ALWAYS be fully tailored on an individual basis, which is why these assessments and education programmes are vital.

Your cyber protection strategy

Your company’s cyber protection strategy should begin with a bespoke cyber security review. Why not request yours from the dedicated team at IQ in IT today?

Christmas is coming and many of us will no doubt be looking forward with excitement to the array of new tech that our stockings are set to be filled with. Smart speakers are reckoned to be the hottest Christmas gift of 2017 according to numerous media reports. The likes of Amazon Echo and Google Home, and the forthcoming Apple HomePod, certainly seem to be the next must-have device.

Working via a simple voice command and springing to life on hearing their personal ‘wake word’, they can do everything from shuffling a music playlist and providing the latest weather forecast through to ordering pretty much all you could wish for and keeping you on track with updates from your personal calendar. Synced with other devices, they will also control your home heating and security and switch your lights on and off.

All good. However, if you’ve got one of these voice assistants on your Christmas wish list, or indeed already have one, then there’s something you need to know.

Voice Assistant Design Flaws Spark Hacking Concerns

A report in the Independent has revealed that popular voice assistants including Alexa and Siri are easy to hack due to huge design flaws.

The report reveals that researchers were able to take over seven different voice recognition systems on various gadgets including iPhones, Samsung Galaxy handsets and Windows 10 computers. The research also revealed that voice assistants can be triggered by voice commands that are inaudible to humans.

A total of 16 different devices were found to be vulnerable, however the researchers have stated that their list was “by far not comprehensive”.

It was discovered that these assistants can be triggered by voice commands that are actually inaudible to humans. Whilst an attacker would need to be close to the target device, it has been proven that it is possible to take over a voice assistant without touching it.

An ultrasonic transducer (a device that sends and receives ultrasonic sound over the airwaves) together with an amplifier were used to convert regular voice commands into ultrasounds: something that cannot be audibly detected by humans. In doing so, not only were the researchers able to active the voice assistants, they were also able to give them commands.

“By injecting a sequence of inaudible voice commands, we show a few proof-of-concept attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile,” the researchers said.

Smart Home In-Roads for Attackers?

The seriousness of these findings cannot be over-emphasised. Access of this nature could allow an attacker to open a malicious website; launch a phone or video call for spying purposes; create and spread spam emails, social posts, events and text messages and disconnect wireless communications.

Furthermore, with devices like the Amazon Echo which can be connected in to a smart home set-up, there is even the risk that attackers could open a victim’s door to let intruders inside. This is not completely straightforward however as such actions require a PIN and the command must come from someone who is no more than 165cm from the device.

How to Protect Yourself from a Voice Assistant Hack?

There are ways to protect yourself from voice assistant security risks. If you are using Siri or the Google Assistant, all you need to do is switch off the always-on setting. For the Amazon Echo, just hit the mute button. However, you will of course find that waking your voice assistant is no longer just a case of using its wake word.

It is advisable to switch voice assistant microphones off at least when you are not at home and most definitely when you are away for extended periods. In fact better still, unplug the device and secure it in a safe or locked cabinet when you are leaving your home unoccupied for longer than your working day.

Concerned About the Security of Your Smart Home?

If you are in any way concerned about the security of your modern home technology and smart devices, talk to the experts at IQ in IT. We provide specialist assistance to businesses and individuals seeking to protect their data and safeguard what matters to them.

Cyber-crime is very much a huge focus for the media and it is no wonder, seeing as it is the second most reported economic crime affecting 32 per cent of organisations according to the PwC Global Economic Crime Survey 2016.

We see regular reports on almost a daily basis of cyber-breaches and attacks on large organisations. However, the issue is certainly not just a problem for multi-national organisations. In fact, it’s not just a business related issue at all.

Anyone can be at risk of a cyber-breach including on a personal level, in particular those who hold senior executive positions or are known to be of high net worth. High profile figures, from sports people and TV personalities to politicians, are prime targets. No one will forget the reports of ex-England footballer David Beckham’s emails having been breached, and the 2014 mass-attack of a number of celebrity iCloud accounts still gives cause for concern, as does the accessing of President Obama’s personal emails in the same year.

Of course you don’t have to be in the spotlight to become a victim of cyber criminals or hackers: executives are also attractive targets and there have even been reports of attackers trawling through the websites of wealth managers in order to target the super-rich.

Double Risks for Executives

For the executive, there is a double risk: aside from the potential to become a third-party in-road for cyber criminals into the organisations they head-up (the PwC survey confirmed that the human factor is by far the weakest link in terms of corporate cyber-crime), there is also a major risk to personal assets.

A study carried out last year, the Barclay’s Digital Development Index, showed the UK in ninth place out of a survey of ten countries due to a lack of digital skills. Barclays said only 13 per cent of British workers surveyed used password-generating software, in comparison to 32 per cent in China and India. It also came to light that the majority stored payment information on frequently used websites, suggesting that convenience is dangerously prioritised over security.

Phishing attacks are also on the rise. Telecoms company Verizon analysed 10,000 incidents in its 2016 Data Breach Investigations Report. It found as many as 1,000 had led to a data breach and that nearly one in three phishing emails is opened, with 12 per cent clicking on links. Apparently, those in high-pressure jobs, for example PR executives, journalists and lawyers, who regularly receive urgent emails, sit amongst the most regular victims.

Individuals Should Place as Much Emphasis on Cyber Security as they do Physical Security

Digital crime now poses one of the most significant threats to particularly wealthy people, which is why it is crucial for high net worth and high profile individuals to place as much emphasis on protecting themselves in the cyber realm as they do via bodyguards and security measures in the physical world.

The methods cyber criminals are using to compromise their targets are becoming increasingly sophisticated. Attackers will monitor online activity in order to siphon off money; they’ll use threats of extortion from data extracted during a breach; they’ll blackmail their victims through digital means, sometimes manipulating social media interactions to do so. Devices may even be stolen in order to gain access to platforms and accounts, and criminals are not just going directly to the target: they are also finding avenues in through their domestic staff such as cleaners and nannies as well as drivers and PAs.

For the high net worth individual, reputation is at risk as well as monetary loss.

The importance of arranging for a robust, fully tailored cyber security programme to be put in place cannot be over-emphasised. This programme must include dedicated monitoring and ongoing advice and attention so that it never becomes outdated. Cyber-crime is evolving at an exceptionally rapid pace, which for the wealthy and influential means the risk will continue to grow.

The key message is, do not leave yourself open to attacks. Cyber-security is not just for companies: there is a very real and exceptionally vital need to protect yourself as an individual.

At IQ in IT, cyber security is our key priority. We work with both businesses and individuals to protect data, assets and reputation. To request your cyber security review, please contact us.

You know the vital importance of adopting cyber security measures. You’re fully aware of how crucial it is to protect your business and that includes its reputation and its sensitive data.

You’ve quite rightly, and shrewdly, taken steps to install systems and processes to reduce the risk of technology failures that could open the floodgates for an attack. You’ve put in place a comprehensive educational programme for staff so that the human risk element is covered. You’ve even secured everything physically as well as digitally.

But are you missing anything? No? Are you absolutely certain?

Many business owners take fundamental steps towards cyber security so that everything inside the business is protected as best it can be. But what about OUTSIDE the business?

A lot of businesses these days outsource to third parties. Freelancers; contractors; agents: it’s a common way to deliver products and services, particularly when you’re in an industry that experiences peaks and troughs.

The thing is, any business that shares access to its sensitive data with third parties faces significant risk. If your business deals with freelancers, contractors or any other third parties then you will need to consider the importance of casting your cyber security net wider so that you can be sure you are not missing any potential weak spots outside of the walls of your business.

Be Sure to Set Policies for Third Party Suppliers

When you engage the services of a freelancer or contractor, do you request to see their own data security policies? Do you ask them to sign an agreement that protects you in the event of a data leak or other type of security breach emanating from an error or negligence on their part?

Your terms and conditions for third party suppliers must incorporate clauses that cover the steps you expect them to take to safeguard your data.

Any third party that is privy to your clients’ or employees’ data should be expected to take reasonable steps to protect that data. These steps could include ensuring all devices used to process data are password protected and armed with up to date virus protection and firewalls; that security updates are installed in a timely fashion, and that devices and any portable storage are physically secured when not in use.

The agreement should also state that any compromise of your company data should be immediately reported to you, for example loss, theft or unauthorised use of a device.

Be Prepared with an Action Plan

Following on from these policies and agreements, your organisation needs to have processes in place to deal with any breach. So for example you’re going to need to be ready with an action plan to handle situations where a freelancer’s laptop is left on a train, and that laptop contains details of your customers; or where a contractor’s iPad used to access your systems has been infected with malware.
If you’re not prepared for such occurrences then you need to make arrangements with your IT providers without delay. It always pays to plan ahead rather than firefight once an incident has already occurred.

You’ll need to be particularly careful where third parties are provided with access to your systems via their own devices. It’s best to introduce an arrangement that is similar to a BYOD (bring your own device) policy. The Information Commissioner’s Office (ICO) has some useful guidance on this subject.

The guidance highlights the seventh principle of the Data Protection Act which says, “Appropriate technical and organisational measures shall be taken against accidental loss or destruction of, or damage to, personal data.” This basically means that sufficient security should be in place in order to protect personal data being accidentally or deliberately compromised. It says this applies if personal data is being processed on devices which you may not have direct control over.

Remember that in the event of a breach, the ICO is going to be looking for evidence that you took all practicable steps to protect your data.

Time for a Cyber Security Review?

At IQ in IT, cyber security is our core priority. We work closely with businesses to make sure ALL their in-roads are secured so as to provide the best, most sophisticated levels of protection possible. To request your cyber security review, please get in touch.

In just over eight months, one of the most far-reaching and comprehensive pieces of European regulation will change the face of how data is stored, handled and protected. The EU General Data Protection Regulation (GDPR) represents one of the most notable changes in worldwide privacy law in two decades and will call for businesses of all sizes to reinforce the processes and safeguards they have in place to protect sensitive data. Fail to do so, and substantial financial penalties will result.

May 25th is the key date for the business diary. This is when GDPR becomes law, and there is plenty to do in order to be ready for the new regime. Eight months really isn’t very long considering the potential enormity of the task that lies ahead.

GDPR – That’s not for me, is it?

GDPR applies to every business across the globe that provides goods and services to, or tracks or creates profiles of, EU citizens, regardless of whether or not that business is EU-based. Basically, if you do business with any EU based audience, you will need to comply with GDPR.

Whilst this is an EU regulation which will automatically fall away once the UK leaves the European Union, it is likely, according to UK government announcements, that the UK will adopt domestic legislation to retain it in whole or in part. So there is no Brexit related get-out clause.

The Regulation will increase expectations and rights concerning data privacy, and will push organisations to follow strict cyber security practices.

Non-compliance will result in hefty fines. Poor data security for example leading to public exposure of sensitive data, in other words a ‘serious violation’, could land a business with a fine of at least €20 million, or 4 per cent of global turnover, whichever is greater. Even less serious incidents would result in a fine of either €10 million being levied, or 2 per cent of global turnover.

Could your business survive a fine representing 2 per cent of turnover?

These new fines are considerably heftier than what the Information Commissioner’s Office is currently able to levy. If you take a look at some recent fines that hit the headlines, and calculate what they’d be under GDPR, it really does bring home the scale of the changes.

TalkTalk for example was fined £400,000 for security failings in 2016 after it allowed customer data to be accessed by hackers. If that fine were to be levied under GDPR, it would escalate to £59 million.

As a business, you have to consider how a fine representing 4 or even 2 per cent of your annual turnover would affect you. In many cases, the business would, quite simply, not survive.

How to prepare for GDPR?

So what should businesses be doing to prepare for GDPR? How to go about organising, managing and protecting data to ensure compliance and to be able to prove that valid efforts have been and are being made to fall in line with GDPR requirements?

A key place to start is with gaining an understanding of what GDPR is, and how it will affect your business. The Information Commissioner’s Office (ICO) has published a helpful, easy-to-follow 12-step guide to help you prepare.

The key takeaways from this guide are:

1. Ensure key personnel and decision makers are aware that GDPR will in many respects supersede the Data Protection Act. Make them aware that GDPR matters, and that it will have a direct impact upon the sales, marketing and operational elements of the business.
2. Start to document the personal data held by your business. Record where it came from, and who it is shared with. An information audit is a good idea; whilst it will take time to facilitate, it will be a worthwhile process.
3. Take a look at your existing privacy notices and be aware of whether they fall in line with GDPR requirements. Plan and introduce any necessary changes well ahead of 25th May 2018.
4. Check procedures to make sure they cover all individual’s rights. Include how personal data would be deleted or electronically transferred.
5. Ensure you have adequate procedures in place to detect, report and investigate a personal data breach.
6. Assign someone the role of managing data protection compliance and consider whether you must formally designate a Data Protection Officer.

The guide provides much more in-depth information and we would urge you to study it if you are starting out on your GDPR journey.

Your Cyber Security review

Something else you really are going to have to do ahead of GDPR is review your cyber security measures. Protection of sensitive personal data is crucial: it’s at the heart of the new Regulation.

Be sure to cover all potential cyber risk in-roads, and educate staff and everyone else with access to your network as to your official processes. Remember that in the event of a data leak situation, the Information Commissioner will be looking for evidence that you have taken practicable steps to comply with your obligations and protect sensitive data. Demonstrating your efforts in this area will help to mitigate the severity of the penalty.

At IQ in IT, cyber security is our core priority. With GDPR on the horizon, we’re making a point of ensuring our clients are ready in all respects to protect against data breaches, ransomware and virus attacks. To request your cyber security review, all you need to do is get in touch: we’re here to help protect your business.

Cyber Security will stay dominant this year with its rapidly growing technologies and innovations, Cyber attackers are just as fast or even more innovative. Last year, some companies such as TalkTalk and Tesco Bank were attacked where hackers stole money from client’s accounts. Cyber Security is important for businesses of all sizes. Small businesses are just at risk of being victims of cyber-attacks as larger corporations, and that’s why it is important for SMEs to be prepared for attacks at all times.

When hackers attack large companies, they often make the headlines of news outlets across the globe. But that doesn’t mean hackers don’t target small businesses. On the contrary, small businesses have a lot of digital assets compared to an individual user. And more often than they have less security than large companies.

Small businesses are also targets because SMEs are less careful about cyber security. Majority of small businesses underestimate their risk level and think that they don’t have anything in their servers that are worth stealing.

Types of Cyber-Attacks

The goal of a cyber-attack is to steal sensitive data, whether it is personal data or credit card information. Hackers can use several types of cyber-attacks in order to achieve their goals. Below are just some cyber-attack techniques that small business owners should be aware of.

DDoS – Distributed denial of service attacks happen by overloading the server with requests. Their goal is to take down the network system or the website.

Malware – Hackers use malicious software to gain unauthorised access or cause damage to the computer or the network.

Phishing – One of the most common types of cybercrime is phishing. It involves the gathering sensitive data such as credit card information and login details through a legitimate-looking website. More often than not, unsuspecting individuals are directed to the phishing website via email.

Password Attacks – There are various types of password attacks that cybercriminals use. A brute force attack is when the hacker tries to guess the passwords until one gets in. Another type is the dictionary attack that utilises a program to try various combinations of words. Lastly, there’s key logging that tracks all the keystrokes of the users that include user IDs and passwords.

Inside Attack – This type of cyber-attack is when a person with administrative privileges misuses one’s credentials to gain access to confidential data. That’s why it is important to remove the access of former employees upon termination, especially if they left the company on bad terms.

APT – Advanced persistent threats are long termed attacks that break into a system in several phases to prevent detection.

A lot of small business owners are confident that they can recover from a cyber-attack. However, the recovery time from an attack often takes longer than their expectation. And during that time, they fail to fully maximise the use of their company’s network. If it involves an online shop, then they are losing potential sales because of the downtime.

And that’s why it is important for SMEs to know the importance of cyber security. Prevention is better than finding the solution after a cyber-attack. Cyber security solutions are also much cheaper compared to the recovery process after the attack. It is important or business owners to assume that they can be a victim of a breach, and that’s why they need to be preparing all the time.


Security has always been a priority for us. We help our customers to fight against viruses, security breaches and Ransomware etc.

Call our team on 0330 1224 420 or send an email to [email protected]. We help you to stay secure locally and in the Cloud.

More data was lost or stolen in the first half of 2017 than during the whole of 2016 according to reports.

1.9 billion records were leaked or stolen by criminals up to June 2017, compared to 1.37 billion during all of 2016. Digital security organisation Gemalto’s Breach Level Index was published in September 2017. It revealed that 10.4 million records are swiped or exposed every day.

Worldwide there were 918 reported breaches in the first half of 2017, just over 100 more than were reported in the last six months of 2016. During the first three months of 2017 more than a million records were lost, stolen or compromised.

According to Gemalto, less than 1 per cent of the lost, stolen or compromised data utilised encryption to make the information useless to the perpetrator: an exceptionally worrying statistic.

Cybercrime was responsible for the majority of data breaches (74 per cent) and malicious insider attacks 8 per cent.

Most data breaches occurred in North America, with the UK reporting the second highest number of incidents.

In total more than 28,000 data records were compromised in the UK in the first half of 2017, an increase of 130 per cent from the second half of 2016. 50 per cent of UK data breaches were down to malicious outside attacks and 30 per cent fell to accidental loss. 65 per cent were classed as identity theft.

Industry sector wise, government ranked the largest source of security incidents with 12 in the first half of 2017, followed by technology firms with 7 and the healthcare sector with 6.

The Breach Level Index has been running since 2013. It is designed to benchmark publicly disclosed data breaches. With the introduction of the General Data Protection Regulation (GDPR) in May 2018, it is reckoned that the numbers of disclosed breaches will see an exceptionally steep rise.

These statistics, and in particular the revelation that such a huge amount of compromised data did not use encryption in order to protect it from malicious use, reiterate the point we are stressing at every given opportunity: the vital importance of installing adequate cyber security measures across the entire business.

Remember, GDPR is nearly here and with it come even more stringent laws about how data is protected. Failure to comply with these new laws could result in fines topping millions of pounds.

What measures are you taking to protect your data?

In light of the findings of the most recent Breach Level Index, it is clear to see that cybercrime is on the up. Criminals are increasingly finding more and more underhand ways of accessing and stealing data. Are you certain you have all the measures in place you need to protect yours? Remember, cybercrime does not only come from external sources; a significant proportion of data compromise comes from within a business, which means ALL potential in-roads MUST be safeguarded.

At IQ in IT, cyber security is our core priority. With GDPR coming in just a few months’ time, we’re ensuring our clients are ready in all respects to protect against data breaches, ransomware and virus attacks. To request your cyber security review, simply get in touch: we’re here to help protect your business.

Cloud technology has been around for a couple of years however businesses have been slow to adopt to it. Bigger businesses have already taken the step to the Cloud yet small to medium sized businesses are still choosing to take up the traditional IT option such as physical desktops, on-site storage etc.

On the other hand when we are at home or on the go with our smartphones, we are already using cloud storage for backing up our photos and files or updating our applications such as LinkedIn or Facebook on a daily basis, just like we use the Internet. Providers such as Dropbox with over 200 million, Skydrive and iCloud with around 300 million users, just showing the evidence that this trend is going to become the norm.

Take a look at the benefits below why cloud computing increases efficiency, helps improve cash flow and offers many more benefits:

1.     Reduce your costs. With the traditional IT model the cost is far higher, even with the advancement of technology your standard desktop still uses a lot of electricity. The same goes to your on-site servers, which you should keep running 24/7.

The cost to run these IT systems will increase each year as electricity prices go up unlike on-site hosting the price of deploying applications in the Cloud can be less due to lower hardware costs from more effective use of physical resources.

Cloud computing is a simple monthly subscription based model where you know exactly how much you spend. New employees can be easily set-up on your subscription and leavers can be taken off. Scale it to your business needs.

2.     Access from anywhere. Cloud computing allows employees access remotely to applications and work via the internet, i.e. from home, on the go and in the office, so basically from anywhere in the world. All files are stored centrally – in the Cloud so everyone can work and see the same files anywhere.

3.     Automated software updates. Your cloud provider, IQ in IT will be able to upgrade software including security updates so you don’t need to worry about spending time and maintaining your systems. Leaving you worry free to focus on your business.

4.     Be flexible. Cloud computing allows users to switch applications easily and rapidly, using the one they need. And if you need to scale down again that’s all fine in the Cloud which is a real advantage over competitors.

5.     Be secure. Should your company experience a major disaster such as flood or fire then you’re looking at major downtime in your business and lost or unrecoverable data. This could be an event that your business won’t be able to recover from. Another example is a lost laptop or broken down PC. Having all your data stored in the Cloud takes away these risks giving you greater security when it happens. You can access your Cloud from another PC and you can even remotely wipe data from lost laptops.

6.     Be greener and more economical. The energy needed for a computational action carried out in the Cloud is far less than the amount for an on-site deployment. Businesses only use what they need when working in the Cloud giving minimal environmental impact.


Not moved to the Cloud yet?

Well, looking at all of the above benefits there shouldn’t be any doubts and would be enough to convince your business to move into the Cloud. Speak to us on 0330 1224 4220 or arrange a meeting to discuss your cloud computing with us. Send an email to [email protected] or [email protected]

Some call it fast fibre optic, others say high speed, super-fast or fastest connection ever – correct – it is fast with greater speed and the fibre goes directly from the cabinet to your office – it is your one and only dedicated internet line!

Nowadays, no business survives without internet and even less with slow internet connection as time is precious. The traditional broadband mostly struggles to cope with downloading or backing up large files, streaming videos or music, with multiple devices and appliances logged on at the same time by employees. 

As this demands much greater bandwidth in order to accommodate all staff and technology, the trend and latest is super-fast fibre internet connection for businesses. So no more sharing bandwidth. This means that you have got your own dedicated fibre line from the cabinet into your business premise enjoying fast internet connectivity and no more slowing down while working.

Your business benefits

  • Reliable and affordable solutions by benefiting from a 100Mbit or Gbit bearer in adding bandwidth as your business continues to grow

  • Shared installation costs for multi-tenant solutions


Contact us on  0330 122 4420 [email protected] and stay in touch with us on twitter


 – Clever about IT

Yes we did it. It has been a journey and a long preparation process, however we are very pleased to announce that IQ in IT has been awarded the ISO 27001:2013 this month in recognition of the Organisation’s Information Security Management System (ISMS) covering Cloud ISP Hosting Services. Our Certificate number is 77311/A/0001/UK/En.

What does this mean?

The ISO 27001 certification is an international standard for quality in IT Security which focuses on Information Security Management System (ISMS). It is the most important quality assessment for hosting services. The scope covers all corporate and client information that is relevant to the provision of hosting services such as websites and cloud computing.

Certification means a third party accredited independent auditor has assessed our processes and controls and therefore confirms that we are operating in line with the complete ISO 27001 certification standard.

One of the key traits of ISO 27001 is to ensure that the appropriate management support and systems are in place, ensuring ongoing internal improvements providing visibility of risks, vulnerabilities and threats throughout our organisation.This is critical for a successful management and a smooth operation which will help us managing and protecting our valuable data and information.

This requires us to continuously comply with:

  • Evaluating our security risks taking into account the impact of company threats and vulnerabilities

  • Creating and implementing a comprehensive infrastructure of security controls and other forms of risk management to address company and security risks

  • Implementing an effective management process to ensure that the security controls meet our security needs

What does this mean to our clients?

  • We give our clients even more certainty, security and best practice in completing our ISO 27001 which is the most important assessment for hosting services and IT security


Should you have any questions please feel free and contact us on 0330 122 5226 or send us an email to [email protected]