After many months of consultancy, planning and implementation we have successfully built and implemented an ISMS at Pollitt and Partners and helped them achieve ISO 27001 certification.
As certified ISO 27001 implementers we were able to advise on the process from the outset, agreeing budgets, schedules and resources. After undertaking a Gap Analysis we assigned tasks across Roadmap and P&P’s HR and Management teams.
Using an ISO 27001 kit, we worked through each policy and control as a team to ensure they were relevant and customised for P&P’s needs. A thorough risk assessment created the backbone for many of the improvements that we ultimately implemented across the business.
Roadmap IT led and managed this project, created and tailored the policies, undertook the risk assessments, implemented the new IT systems and continues to manage, update and improve the ISMS on behalf of P&P. Roadmap IT also represented P&P during the onsite audit to achieve the certification P&P required.
To help meet some of the requirements of ISO 27001, Roadmap also took P&P through the process of achieving Cyber Essentials+ Certification, again managing the whole process and all the IT changes and requirements.
There is an ethos at Roadmap IT that comes naturally. It is to provide genuine, honest and helpful advice and services to our customers that have their best interests at heart. On the whole, this approach is appreciated by our customers and it builds trust and long-term relationships. We’ve always said that we are more than a supplier and many of our customers agree that we are team members, essential partners, friends or even extended family. This relationship is an essential part of our business.
IT systems can, and do, fail and are often critical to businesses. Any disruption can cause anxiety and pressure for both the customer and the IT supplier. This is where the relationship and trust are essential. If the relationship is good, the customer will know we are doing everything we can to rectify the issue. This in turn brings out the best in our team, who happily go the extra mile as they know their efforts are being appreciated.
We recently undertook an installation at one of our customers' sites in Truro. The project had been planned in detail and kit had been preconfigured and tested to make sure everything was working before attending site. During the project, hardware failed in one of the key systems we were installing. It’s a rare scenario but obviously can happen. To make sure there was no disruption to our customer, the team at Roadmap worked from 8AM - 3AM for two days in a row. This is a great example of appreciation working both ways: Roadmap went the extra mile to minimise any disruption for the customer, and in turn the customer recognised our efforts and remains very grateful for all the hard work that took place. The customer was also impressed that everything was done with a smile, and fun was had by all during the work. This last and very important point was only possible because everyone involved appreciated the efforts and understanding from all sides.
One of our industry friends, DataJar, have been issued a "cease and desist" order by T-Mobile's lawyers challenging DataJar's use of Magenta on their logo!
In support of DataJar and their position we have changed our home page to Magenta - #magentatoo
The BBC and The Register have published articles in relation to the order:
WHAT IS BENK + BO?
A creative eco-system bringing people together from different disciplines to work, make, learn, share ideas and collaborate. An affordable workspace which brings people together from different creative disciplines that includes desk space, event space, yoga studio, meeting room, photographic darkroom and a piano surrounded by books. There is also an onsite bakery and cafe to keep everyone happy.
HOW WE HELPED
A secure, robust and flexible network was required that would work for 100+ members, guests and events. In addition, the network needed to support the access control systems, POS, lighting and security systems.
To achieve this we installed structured cabling to all the floors in the building and supplied a 100MB Leased Line with backup FTTC connections for fast and reliable internet access. The wireless network would be used to support the majority of network connections, potentially 200+ across a number of different devices. Security, remote management and performance were key requirements, so we used Cisco Meraki infrastructure throughout, including network switches, firewall and wireless access points. The whole system is managed by Roadmap and we can report on and manage all connections remotely. New member or guest accounts can be added or removed quickly and easily, either by the team at Benk + Bo or by Roadmap IT.
We are now also discussing options to provide IT support services to Benk + Bo's members as an added service, along with IT solutions for a new space in Hoxton.
General Data Protection Regulation (GDPR) & ISO 27001
Most businesses are now aware that they need to review their internal data protection processes and IT systems and that the deadline for compliance is May 28th 2018.
Roadmap have been applying best practice approaches to all of the IT solutions we provide to our customers for many years. Security and privacy have always been at the forefront of our planning, workflows and advice. If you are an existing customer of ours, then it's likely you already have the right technology and framework in place and the majority of the work will focus on creating documentation, processes and IT policies.
Reviewing internal processes, data privacy and IT security opens up a further opportunity to create an ISMS (Information Security Management System) and in particular the option to work towards an ISO 27001 certification. There are a number of key benefits for our customers to do this:
1. GDPR recommends the use of certification schemes such as ISO 27001 as a way of providing the necessary assurance that the organisation is effectively managing its information security risks.
2. ISO 27001 will help you put processes in place that protect not only customer information but also all your information assets, including information that is stored electronically and in hard copy format.
3. ISO 27001 requires your security regime to be supported by senior management and incorporated into the organisation’s culture and strategy. It also requires the appointment of a senior individual who takes accountability for the ISMS. The GDPR mandates clear accountability for data protection throughout the organisation.
4. ISO 27001 compliance means conducting regular risk assessments to identify threats and vulnerabilities that can affect your information assets, and to take steps to protect that data. The GDPR specifically requires a risk assessment to ensure an organisation has identified risks that can impact personal data.
5. Being GDPR-compliant means an organisation needs to carry out regular testing and audits to prove that its security regime is working effectively. An ISO 27001-compliant ISMS needs to be regularly assessed according to the internal audit guidelines provided by the Standard.
6. The GDPR requires organisations to take the necessary steps to ensure the security controls work as designed. Achieving accredited certification to ISO 27001 delivers an independent, expert assessment of whether you have implemented adequate measures to protect your data.
Working towards ISO 27001 not only addresses the majority of your GDPR requirements, but also improves your internal security and privacy. In addition, many businesses now insist that their partners or suppliers have ISO 27001 certification if they wish to work with them. Achieving certification also makes for a much simpler tendering process when agencies are pitching for new business.
In line with industry standards and our customers' needs, Roadmap are also working towards ISO 27001 certification.
If you are a Creative Industry business working with Macs and need a "Roadmap" to review your GDPR responsibilities, wish to work towards ISO 27001, or simply wish to improve the security of your data, then contact us to arrange a free consultation to see how we can help.
We have now moved into our new office space (still within the same building, but it's a nice upgrade not to be sitting on top of one another!).
In addition to the more obvious benefits such as space, natural light and storage we have a new telephony solution.
We now host and manage our own VoIP solution built on Kerio Operator Cloud PBX, VoIP Unlimited SIP and Yealink T42S Handsets. First impressions are really good. The audio and call quality is far superior to that of the Polycom handsets we previously used, which were hosted on BT's HVX platform.
For any admins used to working with Kerio the familiar interface is a welcome addition in assisting with setup and ongoing management. The Kerio Operator PBX licenses are also free if you already subscribe to Kerio Cloud licensing.
We expect to make a cost saving with the system paying for itself in less than 6 months, so financially it makes sense too.
If you are not familiar with all the benefits of VoIP in comparison to traditional telephony systems, or are not satisfied with your existing VoIP solution, drop us a line and we can enlighten you!
After a successful first year of trading and to say thank you we took our team up into the skies above London. It was just like the opening scenes from The Apprentice... thankfully no one was fired!