A year and a half ago, more or less, we told you in this blog that we had obtained the certification of the National Security Scheme in its medium level. But MailComms Group likes continuous improvement, especially if this has a direct translation to the service we provide to our customers. For this reason, and after months of hard work, we can announce that we have gone even further and obtained ENS accreditation at its highest level.

Obtenemos máximo nivel de ENS

National Security Scheme

The ENS is a standard designed and promoted by the National Cryptologic Center (CCN) to promote data security and privacy, and to protect data in cases where electronic transactions are carried out. This standard was born in 2010, underwent an important remodeling in 2015 and another very relevant evolution in 2022, to which this certification we have just obtained belongs.

ENS logo

Companies that offer this type of services to public administrations are required to be accredited, so that public entities minimize the risk of cyber-attacks that may occur due to security flaws in suppliers. But having this accreditation, or rather, bringing a company’s systems up to the robustness, reliability and protection required to obtain it, is de facto an asset for any firm working in the digital world with other private organizations or clients. It’s about responsibility, quality and trust.

Here you can examine the certificates we have obtained for two of the MailComms Group companies:

> Download the MailTecK certificate

> Download the Customer Comms certificate

National Security Scheme Levels

There are three levels of ENS: low, medium and high. Each of them is more demanding than the previous one and reaching a higher one means meeting the lower ones and adding new requirements.

We have just been accredited at the highest level, the most rigorous of all and, to achieve this, we have implemented and demonstrated organizational and technical measures aimed at ensuring the so-called CITAD or 5 dimensions of information (in each and every one of them we have reached this level):

  • Confidentiality
  • Integrity
  • Traceability
  • Authenticity
  • Availability

The high level of ENS is suitable for public entities, such as defense or intelligence organizations, financial organizations, technology companies or healthcare companies. That is, those that handle highly sensitive information or information classified as secret.

How did we obtain ENS accreditation?

Any company wishing to become ENS certified must pass a very exhaustive and comprehensive audit, which examines technological, organizational and process aspects, among others. Always under the magnifying glass of the 5 dimensions of information and in the frameworks of cybersecurity and information security and privacy. In fact, it integrates well with the ISO 27001 (information security) and 27701 (information privacy) that we already had previously.

Regarding this analysis, Sonia Lasheras, the company’s CISO, says: “It has been a tough and intense audit because the new ENS has increased the requirements and also because our objective was to be certified at the highest level, as we have achieved. I would go so far as to say that it is the most demanding audit of all the audits we do. And the result has been very good“.

The report highlights as strengths the commitment, involvement and experience of our professionals, as well as our knowledge of the tools and architecture proposed with the information security requirements. The use of corporate technological and organizational services such as AWS and WAZHU, as well as our technical capacity in preventive security issues, have also had a positive influence.

Benefits, for you, of this certification

Obtaining this accreditation at its highest level differentiates us within our sector. It does this in many ways, but we can highlight four:

  • Reaching a high level is unusual, which makes us unique.
  • We are certified in the new ENS:2022, which is also a differentiating factor.
  • The scope is global and refers to absolutely all the services we provide.
  • It is a certificate required by public administrations and also by private companies that are clients of these administrations (supply chain).

In our day-to-day business with you, this high ENS level means that the data we work with on our shared projects is safer and more private than ever before. It also translates into a more exhaustive and guaranteed regulatory compliance, if possible, and in that we exceed the requirements necessary to work with public administrations, something that your suppliers are required to do if you provide them with services.

Want to know in what other ways our highest ENS accreditation positively impacts you?

Please, leave us your data in this form and we will contact you to explain it applied to your particular case.

    Name*

    Last Name*

    Company email*

    Phone*