Asite has become one of the only software platforms to achieve a prestigious accreditation issued by the Cyber Defence and Risk (CyDR) team.
The accreditation enables Ministry of Defence (MoD) data at the ‘Official Tier’ to be stored and processed with an acceptable level of risk, providing organisations in the construction industry with the highest level of security for their data. This includes Laing O’Rourke, Transport for London, Environment Agency, and Berkeley Homes – to name a few.
In 2017, an industry security notice was released detailing security accreditation requirements that shall always be applied for every industry-owned Information and Communications Technology (ICT) system that stores, processes, or generates MOD data.
CyDR is the sponsor of the accreditation process for MOD, providing support and advice and overseeing accreditation activity across defence.
All requests to accredit ICT are processed through the Defence Assurance Risk Tool (DART), which was introduced to provide the MOD with a mature understanding of the ICT security risks across the department and its industry partners through the information input onto DART by companies and organisations.
Following a detailed review by the CyDR team, Asite has satisfied all security requirements to store and process MoD data. This includes:
- Annual IT health check, which includes internal and external skilled 3rd party penetration testing
- Alignment with current National Cyber Security Centre (NCSC) Cloud Principles. The 14 principles have been made to align ISO 27017 to ensure protection to cloud customers
- Annual review, including verification that all the conditions of the accreditation continue to be met.
Speaking on the announcement, Chris Cannings, Chief Information Security Officer at Asite says: “This accreditation is another string in the bow of Asite. It demonstrates our cyber security maturity as an organisation and our commitment to protecting our customer’s data. As Asite continues to grow and develop its capabilities, we intend to keep leading the way in our approach to protecting our customers and our platform.”
The accreditation enables Asite to manage MOD data through its cloud platform, including the handling of data at ‘Official Tier’.
The Asite platform provides customers with a robust cloud system for document management that features top-level security functions, including comprehensive access controls and full audit logging.
Customers can control access to certain documentation by assigning user roles and privileges. In addition, the platform showcases an extensive audit trail; a record of all documents created or modified by different users is maintained on the system, ensuring Information is safe from accidental deletion.