Secure, Comply, Certify is our unique three-step approach to achieving certification to Lexcel. Whilst many consultants will help you to implement the standard, ours go one step further by working with you to implement cyber security first, which strengthens your compliance to Lexcel.
As a large part of Lexcel is centred around data protection and client confidentiality your framework should include cyber security measures to assess the external threats which could compromise the security of your information. We have established relationships with consultants and certification bodies to implement Secure, Comply, Certify – a 360 degree approach to information security.
Throughout the Lexcel practice management standard there are references to security of systems and confidentiality of client data. In order to successfully achieve this certification, legal firms are required to demonstrate that their assets are secure from external threats by undertaking regular penetration testing.
Our Lexcel consultants can help you to identify the physical risks to your assets from a potential cyber threat whilst advising you on the relevant sections of the Lexcel standard. Using the results from a penetration test, we can strengthen your information security policies and procedures, and provide a full assessment of the external environment.
We can work with a variety of organisations to implement changes required to ensure GDPR compliance. Here is an example of how we work together to help you.
2.4 – Practices will have a business continuity plan, which must include
4.1 – Practices will have an information management policy which must include:
4.2 – Practices will have an email policy, which must include:
4.3 – If the practice has a website, the practice must have a website management policy which must include:
4.5 – Practices will have a social media policy, which must include:
6.1 – Practices must designate one overall risk manager to be able to identify and deal with all risk issues.
7.1 – Practices will have a policy for client care, including:
In order to address each of the above points, our certified consultants take you through a straightforward three-step framework which focuses firmly on security, compliance and certification.
By guiding you through this framework, we can ensure that you not only have the technology foundation in place to meet with the requirements for Lexcel, but also that information security within your practice extends beyond technology to encompass your people, culture, processes and physical environment so as to keep it resilient – even in the event of a breach.
Credit Style have been using Xyone Cyber Security now for over 2 years. During this time Credit Style and Xyone have formed a close and trusting relationship due to their prompt, helpful and friendly service. Over this period Xyone have carried out numerous projects, from External, Internal and Web Penetration testing to carrying out the testing for Credit Style to become Cyber Essentials Plus certified, most recently carrying out External Infrastructure Penetration Testing.
Xyone have, on every occasion, operated in a very professional manner, whether dealing over the phone, or when Assessors are visiting our premises and find their staff trained to a high level with clear expertise in the Cyber Security field.
Credit Style look forward to continuing our relationship with Xyone over the coming years and appreciate the knowledge and peace of mind that they provide via their expertise and service.
Credit Style would happily recommend Xyone and their services to any other company that require help, advice or service within Cyber Security.
Having worked with Xyone for some time now, I have found them to be extremely professional and courteous whilst maintaining a friendly and approachable side. The integration of the Mitigate into our organisation was very straightforward and hassle-free. The admin aspect of the system is easy to navigate and maintain and the reporting gives enough detail without being too complicated. The training platform itself is user-friendly and although the training goes into a lot of detail, the examples are current and based on real life situations. The support guys are very supportive and always happy to help. I can highly recommend Xyone.
Cyber Security awareness is essential to stop employees from causing serious security incidents, we must also be aware of the regulatory requirements in place to protect client data.
Mitigate, developed by Xyone Cyber Security, the Cyber Security Policy Awareness Training Suite, is the perfect tool for this with clear policies and e-learning training and assessments.
The portal is very user friendly and can be easily implemented and rolled out to staff. It is simple to use saving time and ensures training our staff is cost effective. The Mitigate training suite ensures that we can manage the risk and build company resilience.
As our employee numbers and workload increased, we were finding it difficult to schedule time to run training sessions and keep track of who had / hadn’t been trained on important matters such as cyber security. Mitigate was the answer we were looking for. A simple to use training tool with built in tests is perfect for our fast-moving business. We can keep track of training to date and schedule re-testing ensuring we are always organised and compliant. Mitigate also has the scope to allow for other areas of the business to be covered, such as Anti Money laundering and Human Resource modules (i.e. induction) which keeps everything neat and tidy under one piece of software. Software updates are received on a regular basis and you are always listened to if you have a software suggestion. I would definitely recommend Mitigate for your business
The Cutover team really enjoy working through the Mitigate training modules. The training portal helps our employees focus on specific security topics and reduce the overall company risk profile. Great work, I look forward to seeing more new content and features.
Xyone attended at our offices to present a training session on cyber security. It was attended by people at different levels, from support staff to management level and also from different departments including IT, risk, marketing and HR. It is fair to say that everyone present gained something from the session. It was well presented, interesting and extremely thought provoking. Xyone demonstrated their knowledge and credibility in this area whilst not being patronising or, at the other end of the scale, using language which was too technical. The content was extremely useful not just in terms of professional life, but also in terms of personal awareness of cyber security issues.
After realising the weaknesses of our internal system security, AEV decided to instigate Cyber Security training from Xyone to allow all staff members with computer access to understand their responsibilities when it comes to terminal and online security. All these employees were trained through group, 3 hour sessions over the period of a day. The training was informative, enjoyable, interactive and extremely helpful. Feed-back was positive and all said that it was enlightening and very useful, not just for their work lives but also for their personal online security.
Xyone delivered their excellent Cyber Awareness training session to our Business Heads group. They took what can be quite a dull and uninteresting topic, and presented it in such an engaging and thought provoking manner that the whole group were able to take something away from it, regardless of how much was previously known around the subject. Showing that cyber security isn’t just a job for the IT function to deal with, but something that the whole firm has to take responsibility for has certainly helped me in pushing the security message out across all staff.
We found the services of Xyone Cyber Security excellent and very easy to deal with, we would highly recommend them for any cyber security requirements.
The whole process from sending us a reminder to assessing our questionnaire to issuing the certificate was very efficient throughout.
Xyone, and Jacek particularly have done a great job in helping us achieve Cyber Essentials Plus. The assessment itself was pain free and good humoured as Jacek wandered around checking if people had post-it notes stuck to their screens with passwords on. Sensible and proportionate recommendations were made and those have now been implemented.
For any further information, please contact us.
Xyone Cyber Security Solutions Ltd, InfoLab21, Lancaster University, Lancaster, LA1 4WA
+44 (0) 333 323 3981