At MetricsLed™ your data and cyber security are our top priority!
Why Trust Us with Your Data?
At MetricsLed, we take cybersecurity seriously, ensuring that your information is safeguarded at every step. Wondering how we do it? Let us break it down for you in plain language:
Defence in Breadth, Depth, and Mind:
We don’t just stop at the surface. Our cyber defence strategies cover every angle – breadth, depth, and a vigilant mindset.
UKAS ISO Compliance and UK Cyber Essentials PLUS assured:
We adhere to industry standards, with third-party assessments validating our commitment to ISO 9001, ISO 27001 and Cyber Essentials BASE and PLUS standards. This means your data is handled, within our robust assured processes and infrastructure, with the utmost care and compliance.
NIST Equivalent Compliance
We follow the gold standard in cybersecurity – NIST. We’ve designed our ISO compliances to mirror the US National Institute of Standards and Technology. This is all to ensure your data is handled with precision and care, meeting or exceeding the compliance levels on both sides of the Atlantic.
GDPR Compliance at the Core
Privacy matters to us all. EU GDPR/UK Data Protection Act compliance is at the core of our operations, ensuring that user data is handled within the rules and as agreed on a contractual basis.
Local Laws Are Important To Us All
We’re not just global; we’re local too. We take into account local laws to ensure that our operations align with the legal framework of your region and where your users are based. We work with our clients to ensure we, as the data processor, meet local regulations governing the type of data in our hands as well as the legal rules on privacy and data protection.
Servers Where You Want Them
Your data stays close to home. Our servers (on-premise and in the cloud), by default, are based in the UK or within the jurisdiction you select, providing an added layer of legal compliance.
Thorough Staff Vetting
Our team is our strength. We vet our staff rigorously, including via third-party BPSS and SC level assessments, to ensure that only the most trustworthy individuals handle your sensitive information. You can choose the level of access to your data and choose the level of cleared staff allowed to view your data.
Annual Cyber Training
Knowledge is power. Our entire team undergoes annual cyber training. This is managed by third-party experts, keeping us on the cutting edge of security practices.
Our systems are equipped with the latest in logging technology and countermeasures, ensuring that any potential threats are detected, analysed, and neutralized in real-time.
Encryption by Default
We believe in encryption by default, to ensure your data is automatically encrypted – whether it’s in transit or at rest.
Multistage Penetration Testing
We don’t leave anything to chance. Our systems undergo rigorous multistage penetration testing by trusted third-party UK NCSC accredited suppliers.
Data and System Inheritance Process
Your data (and bespoke applications) is/are yours to use with us or without us. Throughout a system’s lifecycle we enforce a meticulous inheritance process ready to transfer your data back to you or to handover the application to a partner company to run in our absence.
Certified Drive Destruction
When it’s time to retire old drives, we ensure they’re destroyed in a certified manner, leaving no room for data breaches. Drives are initially deleted in-house to triple DoD standard, then handed over to external suppliers – all must meet UK standards for drive destruction.
Expert Support On-Standby
Need help? Our experts are ready to step in at a moment’s notice, ensuring that any issues are addressed promptly and effectively. Any issue raised by our users is logged in, issued a ticket and tracked to resolution. As part of our management and ISO requirements, all support and incident tickets are reviewed quarterly to ensure our responses exceed our service level agreements and any learning is regularly shared across our team.
Robust Bespoke Insurance
We’ve got your back in case the unexpected happens. Our bespoke corporate insurances (including key staff and cyber cover) are built with you at the core, ensuring we have the means to bring in additional expertise to respond to and remedy any cyber security incident.
At MetricsLed, cybersecurity is not just a feature; it’s a commitment. You can trust us to keep your data safe and secure.