Trust starts with transparency

At Cogenesis, our commitment to security, resilience, privacy, and compliance forms the foundation of the trust we build with our clients. Safeguarding your data and ensuring the integrity of our systems and services is at the heart of our operations. We believe in maintaining openness about our internal security measures.

Our team is dedicated to continually refining our processes to anticipate and address emerging risks. If you have any queries, concerns, or require further information such as audit reports or documentation, please feel free to contact us at [email protected]

Security

We build our internal systems with resilience and security in mind, ensuring that when we manage your business, we offer a strong security foundation for your operations as well.

Supply Chain Risk Management

Cogenesis conducts thorough security assessments of all third-party vendors prior to engagement to ensure compliance with our security standards.

Endpoint security

Only company-owned devices are permitted to connect to the Cogenesis network, and each device must meet rigorous compliance standards before it can be used to support your business.

Network and perimeter security

Cogenesis uses advanced firewalling and perimeter security to safeguard its networks. We separate corporate, hosted, and customer networks for full segmentation, ensuring data integrity and always preventing crossover between environments.

Incident response

As your MSP, we implement robust incident response procedures, tested frequently, to quickly manage incidents. This protects your organisation, minimises disruption, and ensures professional handling from containment through to review

Passwords and authentication

As your MSP, we enforce strong password policies, mandatory MFA, and strict access reviews. These controls protect your systems from unauthorised access, ensuring your data remains secure and compliant at all times.

Penetration testing

As your MSP, we implement robust controls in our own environment, including independent penetration testing – to strengthen security and reliability. This approach not only ensures our services are safer and more resilient, but also allows us to apply the same penetration testing and security controls to your environment for enhanced protection.

Secure remote access

We encrypt and monitor all remote access to your systems using zero-trust controls. Every connection is authenticated, authorised, and logged, ensuring your data stays secure, compliant, and fully traceable.

Vulnerability management

We regularly scan our internal systems for vulnerabilities, promptly address risks by severity, and maintain compliance – ensuring your data stays secure and protected with proactive measures.

Continuous security monitoring

As your MSP, we implement continuous monitoring of security telementary. This ensures early threat detection and protection, providing greater security and reliability for your organisation’s data and services.

Data loss prevention

we’ve deploying advanced data loss prevention controls within our own systems – ensuring your information is safeguarded, minimising risks of data breaches, and delivering enhanced security and reliability for your business

Role based access

We enforce role based access in our internal systems, ensuring staff can only access information needed for their roles. This minimises risk, enhances data security, and gives your business added assurance that sensitive customer data remains well protected.

Resilience

Our operations are structured so that we are consistently accessible whenever you need us.

Risk management

we categorise and assess risks within our own systems to strengthen our resilience. This proactive approach ensures we’re better equipped to protect your business, providing you with greater reliability and peace of mind.

Backups

we maintain encrypted backups on our internal systems. This means your data if processed by us is protected and can be quickly restored if needed, ensuring business continuity.

Business continuity planning (BCP)

We’ve implemented this control across our internal systems to enhance security and reliability. By doing so, we not only protect our own operations but also ensure your services are more resilient for you.

Disaster recovery (DR)

we maintain robust disaster recovery protocols across our internal systems. This ensures your services remain resilient and your data is protected, minimising downtime and safeguarding your business operations in the event of unexpected disruptions.

Systems monitoring

we rigorously monitor our internal systems. This proactive oversight ensures rapid issue detection, helping to keep services reliable, secure, and available – minimising risks and maximising peace of mind, that we are here when you need us.

Privacy & data protection

We design our platform for resilience and availability, so your operations remain uninterrupted even in the face of disruption.

Data Classification Labelling

we apply strict data classification labelling within our internal systems. This ensures sensitive information is properly handled and protected, giving you confidence that your data when handled by us remains secure, accessible only to authorised personnel, and in line with best-practice standards

Encryption

we encrypt all data at rest and in transit within our internal systems. This ensures your information stays secure, protected from unauthorised access, and compliant with best-practice standards.

Data retention and disposal

Data retention and disposal protocols are established. When a contract ends or assets are discarded, customer information is safely erased.

Secrets management

Approved mechanisms are used to manage credentials and keys, following policies that undergo regular review. Access to secrets is limited and they are periodically rotated.

Access Reviews

We conduct regular access reviews within our internal systems, ensuring only authorised staff retain appropriate access. This proactive measure safeguards your sensitive information, reduces risk, and gives you added confidence that your data remains protected and secure.

Use of AI

we deploy AI and ML tools within our internal systems to boost security, efficiency, and reliability. We apply controls to help identify risks faster and automate safeguards, ensuring data is protected and service quality consistently meets industry standards.

Compliance and governance

By conducting independent audits and enforcing robust internal policies, we ensure accountability and build trust while maintaining industry standards.

Privacy, Ethics, Inclusivity

we uphold strict privacy, modern slavery, and inclusivity standards within our systems. This ensures your data is handled ethically and securely, providing you peace of mind and supporting responsible business practices across all services

Employee background checks

We conduct thorough background checks and ensure staff are certified, strengthening our internal systems. This proactive approach helps safeguard your business by reducing security risks and enhancing trust in our services.

Change management

we implement change management controls, ensuring work is performed in a secure manner, tested, and approved.

Information security governance

Senior leadership regularly oversees and updates security policies and standards, ensuring they are reviewed periodically.

Externally audited SOC 2

Cogenesis holds SOC 2 Type 2 certification and undergoes external audits to ensure data is protected with controls for security, confidentiality, integrity, and privacy.

Employee Training

We’re committed to ongoing employee training on our internal systems, ensuring your data is protected and our services remain reliable, so you benefit from enhanced security and consistent support.