Expected to be introduced in 2025, this bill aims to enhance the UK's cyber defences by updating existing regulations and expanding their scope across various sectors. The goal is to bolster the nation's resilience against cyberattacks and safeguard essential services.
Failure to Prevent Fraud Offence
Effective from 1 September 2025, organisations could face criminal liability if they fail to prevent fraud committed by associated persons for their benefit. To avoid penalties, companies must implement "reasonable" fraud prevention procedures. The UK government has published guidance to assist organisations in preparing for this change.
The regulations cover five sectors (transport, energy, drinking water, health and digital infrastructure) and some digital services (including online marketplaces, online search engines, and cloud computing services).
Key Actions for Businesses:
·      Assess and Enhance Security Measures: Review and strengthen your cybersecurity infrastructure to comply with upcoming regulations.
·      Implement Fraud Prevention Procedures: Establish and document reasonable measures to prevent fraud within your organisation.
·      Stay Informed: Keep abreast of legislative developments to ensure compliance and protect your business from potential liabilities.
Â
Proactive adaptation to these changes is essential for maintaining robust cybersecurity and fraud prevention frameworks.
The Home Office has published guidance that will provide organisations with important advice on the new corporate criminal offence of ‘failure to prevent fraud’, helping make sure they are taking action to prevent fraud.Â
Â
Marketing Agency Secures Client Data with Advanced Password Management Solution
Challenge
A marketing agency managing multiple client websites, digital platforms, and multiple API keys were facing challenges with their secure management and storage. Previously, they used on-premise, free software solutions to store both internal and client passwords. The agency encountered several issues:
Lack of visibility: They couldn’t track which team members had access to passwords, when they were accessed, or which passwords were being used.
ISO 27001 Certification: ISO 27001 compliance; demands strict security and auditing, the current system was inadequate.
Security risks: If passwords were compromised owing to a cyber-attack or rogue employee, the impact on the agency could be catastrophic.
The agency was also preparing to migrate from an on-premise Windows server to Google Cloud, which involved a potentially labour-intensive process for updating all passwords. They approached Conformedia with a wish list for a more efficient and secure password management system; they also hoped the solution could streamline the migration to Google Cloud.
Solution
Conformedia introduced Keeper, a dynamic password management system, to meet the agency's requirements. Keeper is not merely a password store but a sophisticated tool that provides secure management of passwords across teams and clients.
Key actions taken:
Created Managed Keeper instance, integrated with Google Workspace for SSO.
Setup managed user groups.
Migrated all passwords from legacy on premise solution to Keeper cloud solution, incorporating granular permissions and access control.Â
Enabled advanced auditing features tailored for the agency’s ISO 27001 certification requirements.
Advantages of Keeper Password Manager:
Comprehensive Reporting: The system can generate audit-ready reports to satisfy ISO 27001 compliance.
Security Features:
Enforced Two-Factor Authentication (2FA): Provides an extra layer of security.
Integration with cloud SAML identity providers, such as EntraID and Google Workspace.
Breakwatch: Performs regular scans to check for weak or compromised passwords, ensuring ongoing security.
Access Management:
Different access levels can be assigned to different users or teams, restricting access to only the relevant information.
Password access can be revoked immediately if necessary, such as when an employee leaves the company.
Secure Password Sharing: Allows the secure sharing of passwords with external parties, with the option to create one time links, with expiration dates for temporary access.
Cloud and Cross-Platform Compatibility: The system is accessible via a web browser or standalone app on Windows, macOS, and mobile devices.
Results
The implementation of Keeper provided the agency with several key benefits:
Improved security through 2FA and proactive monitoring of password strength.
ISO 27001 Compliance was met through thorough reporting and audit capabilities.
Cloud Accessibility: The team gained the flexibility to access the system via the cloud on multiple platforms (Windows, Mac, mobile, etc.).
Seamless password sharing with external parties in a secure and compliant manner.
Passwords were securely and effortlessly migrated to Google Cloud from the Windows server saving the team time.
Outcome
By adopting Keeper, the agency enhanced its security posture, ensured compliance with ISO standards, and eliminated the risks associated with their previous password management system.
For more information and advice, speak to Richard Twigger, Tel: 0113 234 1548
Zaap Thai Opens 7th Eatery in Durham, Supported by Conformedia's IT Expertise
Durham now boasts a slice of Bangkok’s bustling street food scene with the grand opening of Zaap Thai's seventh UK eatery. Offering authentic Thai street food, Zaap Thai transports customers straight into the vibrant atmosphere of a Bangkok market, but right in the heart of Durham.
Behind the scenes, Conformedia played a key role in ensuring a smooth and seamless launch. Having partnered with Zaap Thai and its sister company, Sukhothai, for many years, Conformedia's expertise in IT services has been pivotal in helping the restaurant chain expand efficiently.
By standardising the IT infrastructure across locations, Conformedia has enabled the restaurant group to scale effortlessly. The Durham branch benefits from a robust setup that integrates both Apple and Windows devices, provides reliable guest and private Wi-Fi, and ensures the seamless operation of PDQ machines for secure debit and credit card payments.
For those preferring to enjoy Zaap Thai's delicious dishes from the comfort of home, Conformedia help make sure Zaap’s integration with Deliveroo via a third party ensures online orders are handled smoothly.
With ongoing daily support via its helpdesk, Conformedia continues to deliver the IT backbone that keeps Zaap Thai's operations running smoothly, letting the restaurant focus on serving up the best of Thai street food to eager diners.
If you want to know how we can help your business - get in touch with Richard Twigger, T: 0113 234 1548
