We’re delighted to announce that Found is now Cyber Essential certified and ISO 27001 certified. This means that our users will benefit from additional levels of protection and security when using our platform.
Here, we’ve explained what these two certifications mean and why they’re important - both for Found itself and for the care homes we’re partnered with. We’ve also listed some of the other measures we take to keep your information and data safe.
What Is Cyber Essentials?
Cyber Essentials is a government-backed scheme that helps organisations of all sizes protect themselves against various online threats.
Since its launch in 2014, over 120,000 certificates have been awarded to numerous businesses, charities and other organisations across multiple sectors.
Found’s Cyber Essentials certification shows that we have the necessary technical controls in place, in accordance with the Cyber Essentials standards.
Why Is Found Now Cyber Essentials Certified?
The verification of our security processes is a key part of ensuring the data of the care homes we work with is kept secure. What’s more, this verification helps us stay aware of best practices and any new threats that could arise.
What Is ISO 27001?
ISO (the International Organisation for Standardization) is an independent body that ensures the safety and quality of products, services and systems.
ISO 27001 is a framework of processes and policies that help organisations protect their information by using an ISMS (Information Security Management System).
Why Is Found Now ISO 27001 Certified?
Being an ISO 27001-certified organisation demonstrates a commitment to continual improvement and the protection of sensitive care home information by implementing necessary policies, risk assessments and controls.
This is our way of showing the care homes we’re partnered with that we take information security management very seriously. This certification indicates the care we take when handling valuable information, data and other intellectual property.
What Other Measures Does Found Take To Protect Your Information?
The Found team regularly discusses security and is continuing to implement further measures to protect our users against any potential risks.
Found has several other features in place to protect your information when using our platform, including:
- Users to log in with a username and password over a secure connection (HTTPS)
- 2-factor authentication (for those who wish to use it)
- Client databases are replicated across multiple servers in real time to ensure data is always available using Aurora Serverless V2 clusters. We have a continuous Point in Time recovery backup set up
- The regular testing of our network and infrastructure to ensure that we remain operational when components fail
- A dedicated hosting option for clients who want full control over the application, their data and the hosting environment
- 24/7 monitoring from Datadog, as well as Route 53 Health checks
- Continuous application vulnerability scans from AWS ECR and Github Renovate Bot
- Intrusion Detection & Incident Response from AWS GuardDuty
- Annual pen tests and continuous automated web scans