At Datactics, maintaining the highest information security standards has always been at the core of our operations. This unwavering commitment has recently been formally recognised with our achievement of the ISO 27001:2022 Certification for our Information Security Management System (ISMS).

It is a major milestone in achieving ISO27001 and a powerful validation of our continuous efforts to protect client data and ensure the integrity, confidentiality, and availability of our information assets. In this blog, I’ll share our journey of achieving ISO 27001:2022.

The journey toward ISO 27001:2022 Certification

Our path to ISO certification began in Q4 2023, with invaluable support from industry experts at Vertical Structure.

The process started with a thorough evaluation of our existing security posture, carefully measuring it against the rigorous requirements set by ISO 27001. This stage involved a deep dive into our policies, procedures, and infrastructure to identify potential vulnerabilities and areas for improvement.

Following the evaluation, the DevOps team implemented targeted improvements over several months to strengthen our security framework. These efforts came to a head in January 2024 with a successful Stage 1 audit conducted by NQA. This initial audit was instrumental, providing us with crucial feedback and pinpointing specific areas for improvement.

The rigorous Stage 2 audit

By June 2024, we prepared for the critical Stage 2 audit and welcomed NQA back to the Datactics headquarters for an intensive review

This audit was exhaustive. For five days, the auditors scrutinized every facet of our ISMS. The audit team delved into our operations, from software development processes to client support systems and internal IT protocols. The auditors even spot-tested Datactics staff on their knowledge and understanding of Information Security Management within the company. This thorough examination ensured that no stone was left unturned.

Thanks to the hard work of our entire team, we successfully passed the audit! Datactics earned the ISO 27001:2022 certification, reinforcing our compliance with global information security standards and demonstrating our proactive approach to maintaining a secure operational environment.

Beyond certification: A commitment to excellence

For Datactics, the ISO 27001 certification is more than just a formal recognition; it embodies our ongoing commitment to excellence in information security and sets the stage for future advancements.

Achieving ISO 27001 is a significant milestone for Datactics and is the result of hard work and dedication from the entire team as we aim to grow and improve our security posture, proving the team’s dedication to providing secure and reliable policies and procedures that protect ourselves and our clients.

This milestone is more than just an endpoint; it marks the beginning of an ongoing journey. As we continue to innovate and expand our platform, maintaining a robust information security practice will remain a top priority. Backed strongly by our senior management team, we are ready to build on this foundation, creating a more secure, process-driven, and impactful data quality platform that will positively influence the industry.

As we continue our journey, the ISO 27001:2022 Certification for Information Security Management System reinforces our dedication to building a more secure, process-driven, and impactful data quality platform that will positively influence the industry. As a team, we are excited to see what comes next.

About ISO 27001:2022

The ISO 27001 certification is recognised as the global benchmark for managing information security. Datactics accreditation has been issued by NQA, a leading global independently accredited certification body that provides assessments (audits) of organisations to various management system standards since 1988. The process was supported by Vertical Structure, who conduct technical security training, helping companies to achieve certification to international standards such as ISO27001.

The post Datactics journey to ISO 27001:2022 certification appeared first on Datactics.

Datactics, a leader in data quality software has achieved ISO 27001:2022 Certification for Information Security Management System.

The ISO 27001 certification is recognised globally as a benchmark for managing information security. The rigorous certification process, conducted by NQA and Vertical Structure, involved an extensive evaluation of Datactics’ security policies, procedures, people, and controls. Achieving this certification demonstrates Datactics’ dedication to safeguarding client data and maintaining information assets’ integrity, confidentiality, and availability.

Victoria Wallace, Senior DevOps & Security Specialist, stated: “Security is at the heart of everything that Datactics does and achieving ISO 27001:2022 certification is a testament to the team’s unwavering commitment in this technical field. Showcasing the extensive work that went into this prestigious achievement proves that dedication and determination can lead to significant success, both within Datactics and across our client ecosystem. Achieving and maintaining this certification is a key part of Datactics’ progress in enhancing our secure, process-driven, and powerful data quality platform.”

Tom Shields, Cyber & Information Security Consultant at Vertical Structure, said “It was a pleasure working with the team at Datactics. Their enthusiastic approach to ISO 27001 Information Security and the associated business risk mitigation was evident in every interaction. Involvement from top to bottom was prioritised from day one, allowing us to integrate into their team from the very outset. The opportunity to guide such organisations in certifying to ISO 27001 is a privilege for us, and we look forward to continuing to work alongside their team in the future.

About ISO 27001:2022 Certification

Datactics’ accreditation has been issued by NQA, a leading global independently accredited certification body. NQA has provided assessments (audits) of organisations to various management system standards since 1988.

Founded in 2006, Vertical Structure is an independent cyber security consultancy with a ‘people-first’ approach. Vertical Structure specialises in providing people-focused security and penetration testing services for web applications, cloud infrastructure and mobile applications.

Vertical Structure also conducts technical security training, helping companies to achieve certification to international standards such as ISO 27001, Cyber Essentials and CAIQ and are proud to be an Amazon Web Services® Select Consulting Partner.

The post ISO 27001:2022 Certification Success appeared first on Datactics.

Apprenticeships have long been heralded as education and study opportunities for young school leavers, acting as an entry point to certain jobs. Sometimes apprenticeships are thought of as not encouraging progression along a tailored career path for an individual. However, this is not the case at all!

Within the IT industry, apprenticeships are a great way to learn the trade and jump-start a career in any specialty. An ever-increasing reliance on technology is driving demand for IT professionals with a wider range of skills, qualities, experience, and education. Apprenticeships provide a unique support framework for new and prospective IT professionals to learn the relevant skills they’ll need to succeed in their chosen role, without sacrificing their time and worth.

According to Jobrapido’s (2019) research, two-thirds of the UK workforce wrongly believe they are too old to become an apprentice, when in fact, they could not be more wrong! These apprenticeships are not aimed at young people only; rather, people of all ages, backgrounds, and experience are actively encouraged to enrol. Apprenticeships are a golden opportunity to receive hands-on experience and technical instruction, whilst studying and improving technology and business skills. This is particularly useful for those who may not be able to access these through a direct route such as university, due to their financial situation or other accessibility issues.

The benefits of apprenticeship schemes

By taking part in an IT apprenticeship, all students of the chosen academic pathway are exposed to a genuine work environment, and have the added benefit of applying the classroom context to the workplace role and responsibilities. This fluidity allows employers to coach the apprentice in the particular skills and expertise necessary for success and growth in the role, and enables comparisons to be drawn between learning and the ‘real life’ aspect.

As part of the apprenticeships, those in the IT field are usually assigned tasks to complete, with specific deadlines. This helps to reinforce the value of teamwork and teach the responsibility and accountability necessary to meet professional expectations. In turn, this empowers them to build their own knowledge base and prepare them to succeed in the competitive IT job market, which can seem daunting and overwhelming on a first-encounter basis.

Offering access to workshops, forums, events, exams, and certifications, these apprenticeships promote the cross-functional skills needed to showcase talent within the industry. The combination of technical instruction, access to invaluable resources in the form of people and text, and hands-on workplace experience can be a gateway to an extremely successful career within the IT industry; something which, for many, may not have seemed achievable through traditional academia.

Earn while you learn

Furthermore, an incentive of IT apprenticeships is the ‘earn while you learn’ model. These schemes provide an income in addition to invaluable education, allowing for flexibility and providing a sense of agency. Apprenticeships do well to encourage viewing learning as not simply an academic pursuit, but as an opportunity to improve your skills (and maybe even your lifestyle!). This is an incredibly important facet of this style of education, as participants do not have to sacrifice their time or their worth in order to lay the foundations for a secure and promising future, both for themselves and their families.

We are now starting to see an increase in the marketing, promotion, and knowledge transfer surrounding apprenticeships, as well as more availability in terms of industries, roles, and experience provision. Within Northern Ireland, more and more emphasis is being placed on apprenticeships and the skills they provide which feed the NI economy-something that is so desperately needed.

It’s important to remember that it is not just the learner who can benefit from apprenticeships, but also the employer. For apprentices aged 16-24, the full costs of the directed training element of the apprenticeship are funded by the European Social Fund (ESF) Programme and the Department for the Economy (DfE) in NI. Additionally, an Employer Incentive Payment is available to employers when their apprentice completes their Level 2 or Level 3 apprenticeship framework.

This means that employing an apprentice is often more cost-effective than hiring someone skilled. Moreover, the mixture of on and off-the-job training means an apprentice benefits from experienced staff who know how the business works, while also developing new skills and gaining exposure to the latest techniques from qualified trainers. This development inspires staff to work towards and reach their full potential, leading to increased productivity, improved competitiveness, and a competent workforce.

Rising interest in apprenticeships

In recent years Northern Ireland (and Belfast in particular), has become recognised on a global scale with steady growth and a focus on areas such as cybersecurity, fintech, and software development, attracting a number of multinational corporations, such as Allstate, Citigroup, and IBM (VANRATH, 2023). Northern Ireland is the #1 international investment location for US cyber security firms and Belfast is Europe’s leading FDI destination for new software development (fDi Markets FT, 2023).

With this said, we can see why there is a rising trend of apprenticeships in the IT industry for 2023, and I can personally provide further evidence of the success rate of this approach to career development.

From System Administrator Apprentice to Security & DevOps Engineer

I joined Datactics in 2020 through a Level 3 IT apprenticeship program in Networking & Infrastructure offered at Belfast Metropolitan College.

The process consisted of a simple application, and invitation to complete Mindmill aptitude tests. Upon successful completion, employer applications could be made. I interviewed with Datactics and immediately was keen to get started there. The people were so friendly and welcoming and the Systems Administrator apprenticeship seemed very inviting – with the DevOps team encompassing a range of roles and responsibilities which would all contribute greatly to my chosen industry path.

After accepting the job offer and induction at the company, a 6 week bootcamp at Belfast Met started remotely (due to COVID19). This consisted of a well-rounded introduction to all networking and infrastructure aspects of IT, as well as some basic soft skills and IT tools, with tasks to encourage students to put the theory and knowledge into practice. Completion of the bootcamp lead to the beginning of the Networking & Infrastructure course, which I completed in May 2022, and was awarded Learner of the Year at the Belfast Met Apprentice Awards.

This has led me to my newest role of Security & DevOps Engineer at Datactics, which I thoroughly enjoy, and has allowed me to work towards specialising within the industry. I am excited to see where Datactics will lead me next, and I am reassured that at any time, I can return to my studies at a higher level.

Apprenticeships in Northern Ireland are currently offered at Level 2, Level 3, and Level 4 upwards, and existing ability and qualifications are taken into consideration during the application stage. Completion of a level typically takes two years, broken down into attendance with the employer four days a week and the training provider one day a week. Application and acceptance requirements include:

• having reached the minimum school leaving age in NI (16 years)
• be employed or be about to take up paid employment in NI
• be working a minimum of 21 hours per week on a permanent contract
• meet all the entry requirements and eligibility considerations of the chosen apprenticeship

This is an exciting time for the region, and for the IT industry as a whole, and I would openly encourage anyone with an interest in any aspect of technology to seriously research and consider an apprenticeship as the foot in the door they need to achieve their cyber and technology end goal.

The post The rising popularity of apprenticeships to kickstart a career in the IT industry appeared first on Datactics.

No one team can be all things to an entire company – Or can they?

 Last week the DevOps & Security Team here at Datactics got together to reflect on what our priorities are as a team and to plan out 2023. 

As a small team in an ever-growing company, we began the session by reflecting on what our role has looked like at Datactics, before honing in on what the key areas of focus are for us this year. After plenty of discussions, it turns out that (at least for all things IT) one team can indeed be a lot of things. 

What does DevOps do? 

At Datactics, you can break down what it is the DevOps team does into 6 main areas:  

• User Support (UserOps) – Supporting the company’s user base. 
• Systems Operations (SysOps) – Supporting the hybrid infrastructure.  
• Security Operation (SecOps) – Keeping the company safe and secure from threats. 
• Development Operations (DevOps) – Supporting the developers and making it easier for them to develop. 
• AI/ML Operations (MLOps) – Supporting the AI/ML engineers and making things work. 
• Client Support (ClientOps) – Working to keep our clients happy. 

In light of this, we shared some thoughts on what developments we’re expecting to see within IT infrastructure over the next 12 months, covering everything from self-service user support to AI and automation. 

User Support – The Rise Of ‘Self-Service’  

Everyone likes a bit of self-service. From online check-in to self-scan checkouts in the supermarket, we like to do things for ourselves. The world of IT infrastructure is no different, with self-service user support becoming an increasingly popular option for busy organisations.

People are seeing the benefits of self-service user support in the form of reduced costs and increased efficiency. Additionally, this frees up valuable IT team’s resources, which can then be redirected into other areas of the business. 

What does self-service user support mean for Datactics? Throughout 2023, we will be looking to make as many offerings as possible to our end users. Leveraging the ever-growing force of Powershell and other scripting tools, we want to equip our users to help themselves. 

(We do, of course, still look forward to interacting with our users when they undoubtedly have their “we forgot our password” moments) 

Hybrid Infrastructure: It’s Here To Stay 

This is one I often see debated. When I first joined Datactics, there was plenty of discussion around whether or not we could be a fully  cloud company (a discussion I am sure many of you have had yourselves, or are perhaps having right now?) – The answer back then was found to be no, we could not move fully to the cloud given the nature of the company. I am now into my fourth year and I still stand by that decision. 

We are a hybrid-cloud company making use of various SaaS offerings such as Office365, Jumpcloud, AWS, and more, alongside our internal services all running across our VMWare estate. As we continue to push into AI/ML and develop new platform offerings, I see this blended approach growing and we’re looking forward to working alongside our partner, Dell, as we expand.  

Alongside this, and overlapping with our ClientOps piece, we will be continuing to review and improve on the Datactics Platform Cloud deployment by using tools from Ansible and the Azure Marketplace – As clients continue on their hybrid journeys, we have a responsibility to make sure we have options for both On-Prem and On-Cloud deployment.  

Being hybrid gives us the necessary level of control over all systems that we require and, personally, I just don’t see cloud offerings matching that anytime soon (agree or disagree, I am always happy to discuss this one, so feel free to drop me a line!). 

Security Is King 

Unless you spent 2022 living under a rock, it’s hard to ignore the increase in the number of security hacks, breaches, and threats that insidiously infiltrated some of the world’s largest organisations last year. The constant threat of attacks like these isn’t going anywhere and the cost of a breach similarly shows no sign of diminishing. IBM’s Cost of a Data Breach report revealed that the global average cost of a data breach reached an all-time high of US$4.35 million in 2022. 

For us, whether we are trying to protect our infrastructure, increase user security awareness or add additional features to better secure our platform, security really is king. We make use of multiple tools at Datactics (both on-prem and SaaS) to accomplish our infrastructure estate’s security, which enables us to stay on top of all current threats and ensure that we are as protected as possible. 

This year, we intend to take things a step further and are currently looking at what’s involved in obtaining ISO or SOC certifications, in addition to maintaining our Cyber Essentials Plus Certification (the highest level of certification offered under the Cyber Essentials scheme). We will also be increasing our end-user security training and will be running a number of drills to make sure our people are as security savvy as possible. 

Empower your developers 

DevOps is now an industry standard term. However, if you ask two DevOps Engineers for a description of their job, you will get two entirely different answers. For us here in Datactics, we see DevOps as making the lives of our developers as easy as possible – Giving them access to tools that allow them to do what they do best (and quickly).  

With a number of big projects in the pipeline for us in 2023, we see this as a key role and are constantly increasing our automation offerings to the dev team to make operations and software delivery as efficient and effective as possible. Using Ansible, Terraform, and other toolsets, we aim to support the Datactics development team as much as possible in their projects; supporting agile software development without being a roadblock.  

The use of AI and ML in Infrastructure 

We are privileged to have an amazing team here working on our AI and Machine Learning offerings. In a short period of time, they have developed a number of different micro-services for Data Quality which we’re looking forward to seeing make waves in the market this year (keep an eye out for more news on this). 

As many of you will know, the complexities of bringing an AI/ML offering to market are massive and we certainly found this to be true. We worked closely with the AI team last year to make our offerings production ready by going through various deployment options and, of course, security testing alongside our partner Vertical Structure.  

As we go to market in 2023, we look forward to taking things further. We will be getting alongside our clients and leveraging the power of the cloud with the help of tools like ECS, EKS, AKS, and Tanzu, as we bring AI/ML to the wider Data Fabric market.  

Clients: We Love Them 

From initial introductions to POCs to production deployments, clients are key in pushing us to be better. They help to steer platform roadmaps and keep us on our toes. No matter how good the QA is, a client will always try to do something with our platform that we had not considered. As we support the Datactics client base in the deployment, support, and development of our platform, we cannot wait to see where they take us next.  

Datactics are lucky to work alongside a great client base – As we aim to fulfill our mission statement of becoming an indispensable partner we look forward to continuing to work with all of them throughout 2023. 

As 2023 stretches out before us, I look forward to working with the talented DevOps & Security Team (Paddy Donnelly, Victoria Wallace & Jessie Steenson) and the wider Datactics family to push the limits of what we think is possible; achieving not only the highlighted areas above but so much more. 

As a wise man once said, we want to go “To Infinity And Beyond!”

The post DevOps and Security – What to look out for in 2023 appeared first on Datactics.