Cadmidium Services Ltd

Cyber Security Assurance in the Cloud (CSAC)

Our CSAC service provides comprehensive world class cyber security consultation, guidance and support designed to protect the Confidentiality, Integrity and Availability of your data and services. Ensuring that your cloud solutions and cloud hosted data are appropriately protected and compliant with government security requirements, law, and wider policies.

Features

• Cyber security guidance and consultancy including SME support
• Gap Analysis and Business Development Road Mapping
• Cyber Essentials Support for Cloud based Systems
• Cyber Essentials Plus Support for Cloud based Systems
• ISO 27001 Accreditation support for Cloud based Systems
• ISO 27001 Internal auditing services
• MoD Assurance Support for Cloud based Systems
• Risk Management consultancy to comply with Government and industry standards
• Cyber Security staff training to facilitate organisational adoption and compliance
• Compliance to industry standards, Government, MoD, NCSC, NIST policy/guidance

Benefits

• Confidence that your systems and data are protected appropriately
• Reduction of the risk of system and data compromise
• Creation of Cyber Solutions compliant with regulations, laws, security policy
• Confidence of an accreditable solution during the design process
• Generation of all required security related documents
• Assurance that required procedures and processes are being followed
• Solutions can be deployed quickly and securely
• Reducing risk of fines caused by mishandling of personal data
• Confidence your business continuity requirements are being met
• Increased confidence and trust amongst your partners and customers

£500 to £1,200 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@cadmidium.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

561210615187483

Contact

Cadmidium Services
01242 861459
enquiries@cadmidium.co.uk

Planning

• Planning service: Yes
• How the planning service works: Within our Cyber Security Guidance and Consultancy Component, our team will work with you to navigate the complex world of Cyber; Security protection enabling you to understand the timescales, effort and activity required to get cloud-based solutions hosted and secured to the relevant government standard, as well as obtaining the required level of assurance. They will use Gap Analysis and Business Development Road Mapping as well as a 5 phase plan to ensure a successful accreditation outcome. These will include; Scope, Design, Build, Testing and Deployment.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: Cyber Security is a complex environment which requires explanation. Our CSAC service provides for the expert transfer of knowledge to enable customers to understand the assurance process and the requirements to get and keep a system accredited for the environment it is operating within. Our Cyber experts upon engagement develop a knowledge transfer plan and share knowledge of each step within our assurance service providing cost benefits to the organisation through efficiencies for on going accreditation or future re-accreditation of systems and services.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: When onboarding a solution into a cloud environment, it is essential that this is performed in such a way that the security of the solution or the data is not compromised. Our CSAC service provides guidance on how onboarding into cloud environments can be achieved securely and also produces the required supporting policy and procedures.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Cadmidium is an ISO 9001 certified company. Our CSAC services utilise our certified Quality Management Systems and many years of producing and reviewing Cyber security related documentation to ensure that the required level of quality, detail and relevant information is present for the solution to be compliant with the appropriate IT regulations, laws and governmental departmental policy. The quality provided supports the assurance that the solution is secure and fit for purpose.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Information Assurance
  • ISO27001 Audit
  • Accreditation guidance and support
  • Authority to operate guidance and support
  • Security documentation, including policy and procedures, produced and reviewed
  • Security assessments and gap analysis
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: The service is most successful if coupled with the client’s internal technical capability and business expertise. The customer should also consider and note any third parties involved with new deliveries relevant to the engagement scope. This may require non-disclosure or other commercial agreements for these parties to be engaged in an effective and collaborative way.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Dependant on the Service Level Agreement and Level of Support required, this can be analysed and agreed by both parties when requirements are established.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: A Service Level Agreement and Level of Support can be analysed and agreed by both parties when requirements are established.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau Ltd
• ISO/IEC 27001 accreditation date: 24/08/2023
• What the ISO/IEC 27001 doesn’t cover: Access to Source code, Use of privileged utility programs, Segregation of networks, Secure coding, Outsourced development.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Facility Security Clearance

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We adopted home working for all of our employees using Office 365 teams and hosted our diverse IT services in a carbon neutral data centre, having closed down our CO2 producing server farm. We then started to monitor our CO2 usage, reducing our CO2 from 2500KG per month to less than 300KG. Striving for more improvement, we stood up an internal project, which looked at a range of objectives to become Carbon Neutral by April 2022, which we have now achieved by partnering with Forest Carbon to offset our current CO2 and future CO2 production.

  Covid-19 recovery

  In the early stages of Covid, we moved offices to South Glamorgan, Wales, as our previous offices were incapable of Covid security Analysis identified areas of Wales had higher than average unemployment yet contained a breadth of highly capable talent. Having established our Cyber and Software / Engineering facilities, recruitment has been successful within these areas by finding local people who otherwise may have been on furlough or unemployed.

  Equal opportunity

  We are proud to be a Silver Member of the Armed Forces Covenant supporting ex-military personnel who have been injured or disabled during their military services.

  Wellbeing

  Cadmidium strive to provide our workforce with a balanced work / home life. Cadmidium has had a wellbeing function which was established in 2018, which has provided support for a range of things. Our Wellbeing function includes internal members who are first aid trained for mental health. Since moving to home working due to Covid-19, our wellbeing officer is responsible for ensuring working practices / work life balance harmonise ensuring overall wellbeing. During Covid 19 our wellbeing officer maintained regular contact with all employees, prioritising those who were living alone (working from home) and or isolating.

Pricing

• Price: £500 to £1,200 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@cadmidium.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.