Boyce Hatton are a law firm who have been based in Torquay for more than 60 years and, more recently, they opened an office in Totnes to go alongside offices in Exeter and Plymouth. Boyce Hatton provide personal, professional legal advice for people and businesses.
Boyce Hatton contacted Nexus looking for help to improve their cyber security and defend against cyber-attacks. Their IT infrastructure (hardware and software) needed to be refreshed and updated to pave the way for better cyber security for both Boyce Hatton and their clients, including better mobile device management – securing any mobile device that accessed their company’s resources – and improved Wi-Fi security.
I have no doubt that our accreditation was achieved because of the diligent approach provided by Julian and the team at Nexus.
Helen Graham, Practice Manager
Boyce Hatton required Cyber Essentials certification in order to provide credible cyber security for their clients and for some tendering processes. Helen Graham at Boyce Hatton explains: “Nexus have been our outsourced IT provider for nearly two years and have provided invaluable advice and guidance to assist us in gaining our accreditation, and put in place controls and procedures to ensure our working practices are the best they can be.
“The work was quite involved and we were lucky to have [Nexus service delivery technician] Julian Dean to guide us through the changes required. Julian provided a thorough and professional approach throughout, dealing with our many queries in a patient and helpful manner, and ensuring the reasons behind changes to our working practices were understood. I have no doubt that our accreditation was achieved because of the diligent approach provided by Julian and the team at Nexus.”
Challenge
Julian says: “With most of our projects, the challenges tend to be cultural and arise from introducing new ways of doing things that the company’s employees and their clients have to get used to.”
In this case, Nexus introduced increased password complexity and multi-factual authentication – where the user is only granted access to a website or application after successfully presenting two or more pieces of evidence to an authentication mechanism.
Strategy
New regulations from Cyber Essentials were introduced at the beginning of 2022, making it much harder to achieve certification. Nexus carried out a vulnerability scan on Boyce Hatton’s IT environment – firewall, servers, workstations and the cloud – and highlighted areas that needed to be changed in order to improve security.
Solution
Cyber Essentials is an effective, Government-backed scheme that helps to protect organisations against a whole range of the most common cyber-attacks. Gaining Cyber Essentials certification is a complex process, but, once achieved, it offers:
- Certified cyber security
- Reassurance to customers that you are working to secure your IT against cyber-attack
- New business possibilities (with the promise you have cyber security measures in place)
- A clear picture of your organisation’s cyber security level
- Cyber Essentials certification, which is essential to any Government contract.
Helen adds: “With the threat of a cyber-attack constantly on the rise, having the Cyber Essentials accreditation provides reassurance to our clients that we are doing all we can to prevent any breach of our IT systems and data.”