top of page
Vault

Services

Vault Protect

Here's Our Service Summary

CentriVault has developed a managed services package that combines our industry experience in security processes, systems and behaviours to provide a defence-in-depth approach.

Vault Protect has been created to deliver a 360 degree protection solution for your organisation. It focuses on delivering the key aspects of prevention, detection, analysis and response - all within a continual improvement cycle.

Vault Protect offers industry-leading solutions integrated to meet the security needs of your organisation.

Our risk assessment approach is aligned with ISO 27005, 31000, NIST RMF and CyberSure. Aligned with that our incident response follows ISO 27035 and NIST SP 800-61 principles.

Our threat management solutions bring in market leading toolsets for real-time threat assessments and vulnerability testing from companies like Tenable and Datto.

Complimenting all is our digital forensic solutions which ensure we utilise industry leading tools from Exterro, Autopsy and Opentext.

See how Vault Protect can help your organisation by booking in a discovery call with our team

pointing-up-left.png
Mountain climbing

Key Challenges Addressed

As the need for protecting our organisations has grown, so has the risk as we have moved more into a hybrid way of working. This has produced significant security challenges that means a lot of organisations struggle to effectively control their risks and maintain compliance.

There is also a growing move into the cloud but many organisations struggle due to the lack of expertise, resource and budget, to effectively protect all of their boundaries.

Vault Protect helps move from the challenges of often large and recurring capital costs as well as costly training and further salaries to a predictable monthly operational expenditure. Thus, allowing teams to focus on their core business.

Organisations also need to ensure they are resilient to cyber attacks and can meet the needs of their insurance policies, as we all meeting the needs of the various regulations.

Vault Protect has been established to lower costs through consolidation but increase access to information and resources that can provide real-time assessment's of your IT and information infrastructure.

Benefits of Vault Protect

Our model follows the Plan, Do, Check, Act approach as it focusses on preventing, detecting, analysing and responding to any cyber threats you may face.

  1. Reduce your risks and provide greater visibility to the threats you face whilst remaining compliant

  2. Improve your security ROI by us consolidating your solutions and driving better value

  3. Reduce the burden to your team by allowing us to support your security initiatives and act as an extension to your organisation

  4. Gain the necessary levels of specialist expertise when you need it without the high costs of maintaining such resources - average saving is 25% of IT costs

  5. Increase the response times to any incident and reduce the impacts attacks have on you

  6. Deploy solutions rapidly and comprehensively to provide proactive assessments of your ever changing IT and cloud infrastructure

  7. Delivering you peace and mind and confidence that you are in safe hands

How it Works

Contact our solutioning team using the form below and we will respond within 24 working hours

We will discuss your requirements and develop a Vault Package right for you

Our solutioning team will produce your own bespoke Vault Protect MSSP

The Project Team will kick off once agreed and meet with your key team members to ensure a seamless inroduction of the Vault Protect package

Your dedicated customer success manager will run quarterly efficiency reviews with you to demonstrate what savings have been achieved so these can be reported into the business

  • What is a MSSP?
    Managed Security Service Provider or MSSP, provides outsourced monitoring and management of security devices and systems. As a third party MSSP, we can help alleviate the strain on IT teams, as well as free up crucial time the organisation needs to support and expand operations. Our Hybrid approach brings in the wider Vault UK Group so you have access to a wider range of connected and integrated services that ultimately support your security and privacy.
  • What types of cyber security support can you offer?
    Our services are far-ranging and can be part of a single workstream or for better value, within a managed package. Typically we can support areas like network and cloud security, endpoint security, zero trust, mobile and IoT security and all forms of testing, e.g. application or web vulnerability testing. Our aim is to ensure we can help maintain your organisation's confidentiality, integrity and availability of your information assets. Please contact our solutioning team to discuss your cyber security needs.
  • I know we need to do cyber security, but I have no idea where do we start?
    That is absolutely fine......it's why we exist! The first thing to do is contact us to outline your requirements, e.g. is it one of your customers requiring something you need to do or you need to achieve certification for a job or are worried about suffering a cyber attack. A typical approach is: 1) Contact us with your requirements 2) We’ll help identify services and solutions which can help 3) If needed, our Client Solutioning team will perform a gap analysis to ensure what we are providing best meets your needs 4) We deliver the services you need and help you efficiently manage it With us managing the services on your behalf, this helps to stop you worrying and allows you time to focus on driving your organisation forward.
  • What is an ISMS?
    Information Security Management System or ISMS is a systematic approach consisting of processes, technology and people that helps you protect and manage your organisation’s information through effective risk management. Fundamental to certifications like ISO 27001, an effective ISMS focuses on protecting three key aspects of information: Confidentiality: The information is not available or disclosed to unauthorised people, entities or processes. Integrity: The information is complete and accurate, and protected from corruption. Availability: The information is accessible and usable by authorised users
  • How do I achieve full compliance of GDPR?
    There are currently 99 Articles across 11 chapters in GDPR that organisations need to ensure they are compliant with. This can be a challenging task as you also need to take into account GDPR's 7 principles such as storage limitation and data minimisation. Another key principle is accountability. Undertaking the ICO's accountability framework review will help establish your gaps and what work you need to implement that is required by law and ultimately, achieve compliance. Rather than risk any fines, we have privacy experts who can assist you with this challenge and work to ensure you achieve full compliance. We can also provide you with a virtual Data Protection Officer should you require this as part of Article 37.
  • What kinds of data need greater protection?
    Under the GDPR, there are some kinds of personal data that are deemed especially sensitive and are classified as “special category”. This information concerns ethnic or racial origin, religious and political beliefs, genetic and biometric data, and health data, among other areas. Data handlers processing this kind of information should give serious consideration to how and why this data is used and ensure that it is only used when necessary. Organisation must also safeguard business critical data that can be exploited and capture an additional legal basis for processing any special category data.
  • What is the best way to secure personal data?
    One way we advise as an effective way of keeping data secure is to use encryption. Once applied, data encryption will scramble the contents of a message or file ensuring that no one can read the personal data without authorisation. Once a file or message is encrypted it can be shared or sent much more securely and reduce your risk of unforeseen data breaches happening and then potentially being fined. The ICO recognises the use of data encryption as evidence that an organisation has taken sufficient measures to secure data.
  • What happens during a ISO 27001 audit?
    There are 2 stages during an external ISO 27001 audit; Stage 1 is like a documentation review of your ISMS to see if it is suitable for certification and Stage 2 is the formal certification audit to see if you are recommended for accreditation. The audit is performed against clauses 4-10 of the ISO 27001 standard and the controls within Annex A. An ISO 27001 audit involves a competent auditor reviewing: The ISMS or elements of it and testing that it meets the standard’s requirements, e.g. the clauses, The organisation’s own information requirements, objectives for the ISMS, That the policies, processes, and other controls are practical and efficient. In addition to the overall compliance and effectiveness of the ISMS, as ISO 27001 is designed to enable any organisation to manage its information security risks effectively, the audit will also check that the implemented controls do reduce risk to a point where the risk owner(s) are happy to tolerate the residual risk. We can assist in preparing you, performing an internal audit and/or supporting you on the audits days as an effective extension of your team.
  • What happens during a CyberSure audit?
    CyberSure provides a rating of 1-5 based on your data security health and competence, The audit will review your organisation's security position of your cybersecurity systems and behaviours, as well as your data security standards. It is always the responsibility for the organisation to comply with data protection regulations at all times. ​ The audit will assess over the agreed days: How secure your behaviours are How secure data is whilst being stored and processed How secure are your network and devices. The current processes and policies in place regarding cybersecurity. How vulnerable you are to the current cyber threat landscape The level of cyber readiness of your organisation How robust and resilient you are against common cyber attacks The audit will take into account existing certifications such as Cyber Essentials so it is always beneficial to have these. If you need assistance with implementing CyberSure across your supply chain, then please contact our solutioning team today.
  • What happens during a Cyber Essentials Plus audit?
    Cyber Essentials Plus is the advanced variation of the Cyber Essentials certification. In this certification process an assessor from the IASME Cyber Certification Body, like ourselves, will conduct an audit of your systems. You are first required to pass Cyber Essentials and then you can apply for the Plus audit. The audit involves verifying the details on the self-assessment questionnaire which will include undertaking the following: Internal Vulnerability assessment External vulnerability assessment User Access Controls test Browser download test Email test
  • How long are the training modules?
    Our approach is to use bite size modules of 1-3 mins on average. We know that retention is maximised then and also it allows any self-study users to work around their busy schedule but not forget a long detailed training course when they return from a break.
  • What kind of training modules do you have?
    CentriVault Training offers several of the accredited CS-AT modules. ​CS-AT Module 1 – Information Security Fundamentals CS-AT Module 2 – Securing Your Business (Cyber Essentials) CS-AT Module 3 – Information Security Auditing (Cyber Essentials & ISO 27001) CS-AT Module 4 – GDPR Foundation and Implementation CS-AT Module 5 – Incident Response Planning & Management (ISO 27035) CS-AT Module 6 – Information Security Staff Awareness There are other Bite Size courses we can supply and if you have any specific needs then please contact training@centrivault.com.
  • How do you test to see if people have retained information you trained them on?
    This is a multi-step approach. We first test during the courses after each module to see if the user has taken in the key parts learned during that section. We also have an exam at the end for any accredited CS-AT course. For managed service customers, we also run regular simulation checks, like phishing emails, to see if team members are actively utilising the knowledge they have learned or if needed, target those that need further training. We also run mystery insight tests to see if team members are following the processes that they have learned by independent researchers testing against agreed scenarios. To find out more about our managed services packages, use the contact form on this page.
  • We already have some of what Vault Protect offers so would it still be useful?
    Simply answer, yes! Vault Protect is a hybrid managed security package that is made to fit around your current requirements. If for instance you already have the threat management side covered, then during our gap analysis assessment we will identify the areas of Vault Protect that you would benefit from and integrate that with your current setup. Our approach is to design defence-in-depth strategies and Vault Protect can be used to ensure any of your gaps are covered and your organisation is actively protected from the daily cyber threats. Contact us to begin the journey of seeing how Vault Protect can benefit you today.
  • What is Vault Protect?
    Vault Protect is our managed security services package (MSSP) to ensure that we help to keep your organisation protected from cyber threats. It is designed to cover a comprehensive range of services covering prevention, detection, analysis and response. It utilises a hybrid of our own unique services, expertise and our partner's industry-leading solutions. You can select the services and solutions you need and we integrate the package into your organisation. Our core solutions cover Risk Assessment, Threat Management, Digital Forensics and Incident Response. Contact our solutioning team to see how Vault Protect can support you today.
  • What do you use PDCA?
    Plan, Do, Check, Act (PDCA) is a continual improvement process methodology that helps to break down the stages and ensure each one is implemented effectively. It was used as the basis for the first iterations of ISO 27001 as the model for continuous improvement and a way to ensure any information security management system has been implemented and is maintained effectively. That is our approach for Vault Protect too.

Take the First Step

The next step is to add your contact details below so our engagement team can discuss with you to understand your priorities and understand the scope

Thanks for submitting!We will get back to you very soon

bottom of page