NHS Informatics Merseyside offers a comprehensive IT security service advising on all aspects of data and cyber security and protection against threats including phishing, spear phishing and ransomware attacks.
A structured approach is used for ensuring the correct level of protection is in place to safeguard the integrity and availability of information systems and business data.
Our experienced and certified experts are on hand to provide advice and guidance on every aspect of IT security, whether you are looking to audit your systems to safeguard data or conduct penetration testing on a secure website.
Key features of our IT security service include:
- Security reviews and risk.
- Internal security scans and benchmark compliance testing.
- Cyber and IT security management– training plans and end-user awareness sessions.
- Development of policies and processes to support the NHS Information Governance (IG) Toolkit.
- IT security incident management and unauthorised access monitoring.
- Discreet and forensic investigations to support HR.
- IT security advice and consultancy.
- Research and development advice on best practice and new technologies.
As a security service, Informatics Merseyside is Cyber Essentials certified, with our infrastructure managed in accordance with ISO 27001 information security management standards demonstrating the robust security practices employed across our operations.
Our standards and certifications
CISM Certified Information Security Manager
We have certified information security management (CISM) expertise within Informatics Merseyside, which demonstrates our knowledge and commitment to information security. In addition to our technical competence, this validates our understanding of the relationship between information security and the goals and objectives of those organisations we support.
Informatics Merseyside is Cyber Essentials certified for our adherence to nationally approved guidance and best practice regarding cyber security.
Cyber Essentials consists of an assessment of security measures to ensure that the necessary 5 key controls are in place as a basic level of protection. These controls include:
- Boundary firewalls and Internet gateways for the prevention of unauthorised access.
- Secure configuration to ensure that systems in use provide only the necessary functions required for their roles.
- Access control to an appropriate level for employees with records of who has higher access within the company.
- Malware protection installed and kept up-to-date.
- Patch management to ensure that all software is the latest supported version.
You can read more about this certification on the National Cyber Security Centre website.
ISO 27001 Security Management System
Our IT infrastructure and operations are managed in accordance with the ISO 27001 security management standard, providing assurance that our products and services are delivered in a safe and secure manner. ISO 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system. For more information about this information security standard, please visit the International Organization for Standardization (ISO) website.
Need further information?
For further information about IT security or to speak with an expert, please get in touch.