GDPR data security health check

Data Security Health Check

All companies are currently required to review their data, technology and security processes to ensure they are ready to face the ongoing challenges GDPR presents.

As part of our service to clients, Xyone Cyber Security are offering a Data Security Health check to clients to help them understand, manage and mitigate their cyber risk.

This will take the form of an onsite assessment, involving both external and internal vulnerability scanning, email security testing, security firewall and malware protection checks, as well as an information security policy gap analysis.

At the end of the session, you will receive a detailed report to summarise the findings, which includes the areas of concern and recommendations. Xyone will also put together a summary action plan that will outline how to enhance your GDPR compliance from a data security perspective.

What's included in the Data Security Healthcheck

01
External Vulnerability scan
Accurately scan your network, servers, desktops or web apps for security vulnerabilities from outside your network, for example acting as a customer, to find out where you’re at risk.
02
Internal vulnerability scan

Similar to an external vulnerability scan but from within your network, acting as an employee to find out where there are weaknesses.

03
Patch management (obsolete, outdated software)
A check to see which aspects of your software are in need of an update (or patch) to ensure that they are protected with the latest releases to mitigate the risks of a cyber security attack to your computers, servers and your network.
04
Weak or default passwords
A review of the passwords used within your organisation and a check to see whether “best practices” are being adopted and that anyone trying to hack into your network could not easily guess the passwords currently used.
05
Email security test

A test to ensure your email server is secure and spam proof.

The test ensures that your email server blocks and prevents viruses and dangerous attachments being delivered to email addresses within your organisation.

06
Security firewall and malware protection checks

Test your antivirus and anti-malware protection software by checking how you respond to malicious attacks.

The best way to check this is through a series of carefully controlled Penetration testing exercises (also known as Pen testing).

07
User access control
Ensure that each user within the organisation has the appropriate level of access to data, servers and devices, in keeping with their level of authority.
08
Backup procedures

A complete review of the company’s current backup procedures and an evaluation of the speed of data backup and the range of data secured.

Clearly, the impact on a company’s data following a security breach can be significant, and one of the most effective methods of recovery is to revert to a recent backup, assuming the data is up to date and complete.

09
Data retention
The long-term storage of data, often for compliance reasons. This test will confirm whether the data is stored safely and protected accordingly.
10
Mobile device encryption
Mobile encryption allows employees to store sensitive information in an encrypted format on their device, such as a flash memory storage card.

If sensitive data is not encrypted when stored on a mobile device, this could lead to a security breach – it is imperative to conduct this test and expose any weaknesses within your organisation.

11
Information security policy gap analysis
A comparison of your existing procedures measured against best security practices.
This activity will help to identify areas where risks or security breaches are in need of attention.

The checks are performed against the ISO27002 standard security framework. A series of interviews with individuals is also required in addition to a review of the processes.

Final
Detailed report
The final part of the exercise is to summarise the findings in a detailed report which includes the areas of concern and recommendations. A summary action plan will outline how to enhance your GDPR compliance from a data security perspective.

GDPR Health Check Prices

Cost of GDPR health check (ex VAT):

  • Micro, 0-10 employees: £1,900
  • Up to 250 employees: £2,500
  • 251 to 500 employees: £4,950
  • 501 to 1,000 employees: £7,500
  • 1,001 to 2,000 employees: £12,500

GDPR Services

GDPR training
GDPR GCHQ-certified Board Level training
Xyone is offering GCHQ-certified GDPR Board level training, which will give an in-depth insight into the General Data Protection Regulation and how it will affect your organisation going forward.
GDPR Risk Assessment
As part of our service to clients, we are offering a GDPR risk assessment to clients to help them understand, manage and mitigate their cyber risk. This session will be arranged with one of our Risk Managers, who will schedule a call or meeting.
Data Security Health Check
We are offering a Data Security Health check to clients to help them understand, manage and mitigate their cyber risk. This will take the form of an onsite assessment, involving both external and internal vulnerability scanning and more.
GDPR e-learning
Xyone’s GCHQ-certified policy and e-learning platform, Mitigate, can ensure your staff are following information security processes and procedures certified at the highest, governmental level. GDPR E-Learning is now available!

How we can help

We offer a range of products and services – including free guides, downloadable resources and expert support - to set you up for success.

Hill Dickinson, The Compliance Foundation and Xyone Cyber Security have joined forces to offer the complete solution to the challenges that GDPR presents across governance and structure, process and policy, and technology.

The benefit of our triple solution is that we can cover legal, compliance and technology requirements, avoiding duplication and creating time and process efficiencies. You can be confident that our advice will mean you’re completely GDPR-ready.

Free Downloads
We’ve created some simple notes for specific executives to help them understand what GDPR is all about and what they need to do.
Premium Products
For those that are looking for some simple tips and prompts we provide a set of cost effective GDPR solutions that can be easily downloaded.
GET IN TOUCH

Request a Quote

Complete the contact form and a member of the team will be in touch to discuss your security requirements.
    Contact details

    For any further information, please contact us.

    ADDRESS

    Xyone Cyber Security Solutions Ltd, InfoLab21, Lancaster University, Lancaster, LA1 4WA

    PHONE

    +44 (0) 333 323 3981

    EMAIL

    [email protected]