Our security credentials

Security credentials

All websites and applications hold some kind of personal information about their customers, and your business will be no exception. More than ever it is vitally important to make sure that the data your customers trust you with is as safe and secure as it can be.

While every digital agency will tell you how they understand why security is important, Headland developers have over 15 years of experience in developing secure financial systems, having designed and built the UK’s first general-purpose bill payment system back in 2002. Originally built for Girobank, the system is still developed and supported by us today with over 200 local authorities and services relying on the technology for payments, every minute of every day.

At Headland we employ our own security guidelines, taking into account our vast experience over many years of technological changes, covering vulnerabilities such as cross site scripting, SQL injection and the importance of the contextual validation of all data.

But more importantly, we can back up our security credentials with the Government’s Cyber Essentials Plus security standard, and FSQS accreditation.

Cyber Essentials Plus

Cyber Essentials Plus

This is effectively a security standard set by the Government as part of the National Cyber Security Strategy.

Unlike the simpler Cyber Essentials scheme, the ‘Plus’ is a fully manually audited accreditation where a security specialist visits the business premises to penetration test and confirm the following:

  • The security of all devices and the validity of all software used by the company.
  • Firewalls and security surrounding all company-wide internet connectivity.
  • The controls that govern secure access to all data and services.
  • Testing that all systems and devices are protected both automatically and procedurally to viruses, malware and online fraud.

Like FSQS, the Cyber Essentials Plus accreditation is applied for yearly to make sure our security systems are always up to date.


FSQS Accreditation

The FSQS accreditation mark is valued by some of the largest purchasers in the financial industry. It indicates a successful audit process and demonstrates Headland’s commitment and credentials to the industry.

The FSQS auditors check more than 12 areas for compliance, including our approach to financial stability, IT security, fraud, GDPR and responsible business governance.

The accreditation is accepted as part of the pre-qualification process by 18 major banks and insurance companies including the Bank of England, Santander and Lloyds Banking Group.

The FSQS accreditation is updated yearly to make sure we keep up with all new legislation and security methodologies.

Fraud Awareness

With online fraud on the rise, it’s very important for a company to make sure that systems are in place to intercept any fraudulent attempt to fraudulently access our data or to gain financially by deceptive means.

While we employ the standard automatic detection systems for emails and access controls, by far the greatest way to succeed in the prevention of fraud is to make sure staff understand the means by which fraudsters work their trade through false representation, failing to disclose all information and abuse of position. Therefore, all our staff undertake fraud awareness and prevention training annually.