Data Security at Data8: Why We've Gone the Extra Mile with Cyber Essentials Plus
At Data8, we believe that data security isn’t just a box to tick – it’s a fundamental commitment to our clients. That’s why we always follow industry best practices and comply with all relevant Data Protection legislation, and why we’re proud to announce that we have recently obtained our Cyber Essentials Plus certification, building on our existing Cyber Essentials certificate and ISO27001 system.
What Is Cyber Essentials?
Cyber Essentials is the minimum standard of cyber security recommended by the UK government for all organisations operating in the country. It is an independently verified self-assessment certification that establishes whether the five most critical cyber security controls are in place, significantly reducing the likelihood of a cyberattack.
Holding this certification demonstrates that we understand the fundamental requirements for protecting our organisation and more importantly, our clients’ data.
What Is Cyber Essentials Plus?
Cyber Essentials Plus offers a higher level of assurance with the addition of a hands-on, independent technical audit carried out by an external assessor.
As the highest tier of the scheme, Cyber Essentials Plus adds a significant layer of credibility, proving that our cyber security controls don’t just exist on paper – they will actually hold up under a real cyberattack.
Why Do We Hold Both?
Whilst our Cyber Essentials certificate demonstrates that we understand how to protect ourselves against cyberattacks, the Cyber Essentials Plus certification proves that those controls will stand firm when put to the test. Together, they reflect our ongoing dedication to going above and beyond the minimum standard.
Our Wider Commitment to Data Security
Our Cyber Essentials certifications sit alongside a broader framework of rigorous data security measures. At the heart of this is our ISO27001 certified system, which governs all aspects of our security operations.
Our disaster recovery infrastructure is built on geographically diverse, replicated data centres, backed by fully documented and tested continuity plans. We conduct regular penetration testing across our website, network infrastructure, and any new developments to identify and address vulnerabilities proactively.
We are fully committed to GDPR regulations, operating only on documented client instructions, maintaining strict confidentiality, and ensuring the security of all data processing activities. Our data retention approach further reinforces this, with full audit trails, encrypted storage and transit, and client-visible access logs providing complete transparency.
At Data8, data security is never an afterthought – it’s woven into everything we do. Read more about our Data Security policies here.
Join the 1,000+ companies who’ve already elevated their data quality