NHS Informatics Merseyside offers a comprehensive IT security service advising on all aspects of data and cyber security and protection against threats including phishing, spear phishing and ransomware attacks.
A structured approach is used for ensuring the correct level of protection is in place to safeguard the integrity and availability of information systems and business data.
Our experienced and certified experts are on hand to provide advice and guidance on every aspect of IT security, whether you are looking to audit your systems to safeguard data or conduct penetration testing on a secure website.
Key features of our IT security service include:
- Security reviews and risk.
- Internal security scans and benchmark compliance testing.
- Cyber and IT security management– training plans and end-user awareness sessions.
- Development of policies and processes to support the NHS Information Governance (IG) Toolkit.
- IT security incident management and unauthorised access monitoring.
- Discreet and forensic investigations to support HR.
- IT security advice and consultancy.
- Research and development advice on best practice and new technologies.
As a security service, Informatics Merseyside is Cyber Essentials certified, with our infrastructure managed in accordance with ISO 27001 information security management standards demonstrating the robust security practices employed across our operations.
Our standards and certifications
CISM Certified Information Security Manager
We have certified information security management (CISM) expertise within Informatics Merseyside, which demonstrates our knowledge and commitment to information security. In addition to our technical competence, this validates our understanding of the relationship between information security and the goals and objectives of those organisations we support.
Informatics Merseyside is Cyber Essentials certified for our adherence to nationally approved guidance and best practice regarding cyber security.
Cyber Essentials consists of an assessment of security measures to ensure that the necessary 5 key controls are in place as a basic level of protection. These controls include:
- Boundary firewalls and Internet gateways for the prevention of unauthorised access.
- Secure configuration to ensure that systems in use provide only the necessary functions required for their roles.
- Access control to an appropriate level for employees with records of who has higher access within the company.
- Malware protection installed and kept up-to-date.
- Patch management to ensure that all software is the latest supported version.
You can read more about this certification on the National Cyber Security Centre website.
Cyber security awareness and support
Be Cyber Savvy
Good cyber security is everyone’s responsibility, so do your bit to protect our patients and their data by following our top tips to be cyber savvy!
- Report any suspicious emails to your IT Service Desk and then delete it!
- Watch out for malware which spreads when you download or install infected software via a website link or an attachment.
- Use a strong password such as a passphrase, which includes a mix of upper and lower case characters, a number or a special character.
- Lock all screens and log out of systems when they are not in use.
For further information, read our top tips to be cyber savvy!
Need further information?
For further information about IT security or to speak with an expert, please get in touch.