ACEVO is the Association of Chief Executives of Voluntary Organisations. Together with their network, they inspire and support civil society leaders by providing connections, advocacy and skills.
ACEVO approached Smartdesc as they wanted to achieve the Cyber Essentials certification, to prove their commitment to best practice with cyber security.
Cyber Essentials is a government-backed, nationally recognised certification, that is increasingly being seen as the industry standard for good cyber security practice.
With cyber threat constantly dominating the headlines and presenting genuine risk to charities, ACEVO wanted to achieve the award to assure themselves and their members that they give security the attention it requires.
In our capacity as a licensed Cyber Essentials Certification Body, Smartdesc is approved by the national body that administers the scheme – IASME – to assess and award the certification.
Smartdesc worked with ACEVO to audit their IT and Digital systems against the 50 or so technical controls and measures that make up the Cyber Essentials standard.
The standard deems it mandatory that all computers are running on current, supported operating systems, and that devices are kept up to date, encrypted, and protected against viruses, malware, and ransomware. It also requires that complex password policies are in place, and two factor authentication is enabled, including for other 3rd party applications.
ACEVO met the standards, and are now fully Cyber Essentials Certified. Not only does this give their leadership team, members and trustees peace of mind, but it also outwardly demonstrates that they have invested the time to take cyber threat seriously and covered the most important bases to secure their systems. The certification is tested and renewed annually, because technology – and cyber threats – never stand still.
Achieving Cyber Essentials has brought numerous benefits to ACEVO, including:
- Peace of mind that the basic security controls are in place.
- A public demonstration of commitment to cyber security.
- Compliance with a nationally recognised certification, developed by the National Cyber Crime Security Centre.
- Renewed and refreshed annually, to cater for the ever-evolving cyber threat landscape.
- A cost-effective process, completed in under 2 weeks.