Compliance FAQs for Express and Pro Package Customers
Welcome to our Compliance FAQ section! This guide is designed to help you understand the compliance-related aspects of our Managed Service Provider (MSP) services, specifically for customers on our Express or Pro packages. Please note that this information is for guidance only and is not valid for certifications such as NEN/ISO. For certification purposes, controls must be documented within your specific environment using our Compliance Module.
Our Express and Pro packages offer varying levels of security to meet your business needs:
Express Package: This package includes basic security measures such as antivirus protection, firewall management, and regular security updates. It is ideal for small businesses looking for essential protection.
Pro Package: This package offers advanced security features, including Managed Detection & Response, Mobile Device Management and comprehensive security monitoring. It is suitable for businesses that require a higher level of security and compliance.
Both packages are designed to help you meet basic compliance requirements by ensuring that your IT infrastructure is protected against common threats. The Pro package, with its advanced features, provides additional layers of security that can help in meeting more stringent compliance standards.
While our security measures are robust, they are not a substitute for full regulatory compliance. Compliance with standards such as NEN/ISO requires specific controls and documentation tailored to your environment. Our Compliance Module can assist you in documenting these controls to meet certification requirements.
Our Compliance Module is a comprehensive tool that helps you document and manage compliance controls specific to your environment. It provides templates, guidelines, and tracking features to ensure that all necessary controls are in place and properly documented. This module is essential for achieving certifications like NEN/ISO.
No, the Express and Pro packages alone are not sufficient for achieving NEN/ISO certification. These certifications require detailed documentation and specific controls that must be implemented and verified within your environment. Our Compliance Module is designed to help you meet these requirements.
If you need assistance with compliance, our team is here to help. We offer consulting services to guide you through the process of implementing and documenting the necessary controls. Please contact our support team to learn more about how we can assist you.
Yes, we provide ongoing support for compliance-related issues. Our team is available to help you address any questions or concerns you may have about maintaining compliance. We also offer regular updates and training to keep you informed about the latest compliance requirements and best practices.
We hope this FAQ section helps you understand the compliance aspects of our services. If you have any further questions, please do not hesitate to contact us. Your security and compliance are our top priorities!
Microsoft 365
The basic measures recommended by Microsoft are applied to the environment by CloudConnected. This translates into settings for, for example, MFA, sharing settings and security. We follow the Microsoft advised Password Policy to NOT enfornce passwords changes but enforce strong login with MFA.
Additional in Pro package: Protection against unwanted login attempts from devices that are not known to the company + protected login attempts from unauthorized countries. This is monitored by the 24x7 Cyber Security center and in case of alerts the team wil actively isolate the issue.
Windows
Devices managed by Microsoft 365 will receive the by Microsoft advised Baseline protection. This includes Windows 11 & Microsoft Edge. Further more Patch Management is done on a weekly base to keep the devices up to date and is described in the Computer Update Policy of CloudConnected.
Mac
Patch Management is done on a weekly base to keep the devices up to date and is described in the Computer Update Policy of CloudConnected.
Microsoft 365 / Google Workspace
A daily backup of all e-mails, calendar & documents is provided to an external Cloud with a retention of 1 year.
Workstation
In express this service is not offered.
Additional in Pro package: A daily backup of the full workstation is made to the Cloud that includes all data on the device & applications.
Microsoft 365 / Google Workspace
Incoming e-mails are scanned on harmful attachment and phishing attempts.
Workstation
Endpoint Detection and Response software is included to protect the device against malicious files. Also an internet filter is active that protects against harmful website and/or phishing links.
Additional in Pro package: A daily backup of the full workstation is made to the Cloud that includes all data on the device & applications.
Mobile Devices
In express this service is not offered.
Additional in Pro package: Mobile devices are protected against harmful applications & an internet filter is active to protect against Phishing sites.
Network
In express this service is not offered.
Additional in Pro package: You receive a Business Router from CloudConnected that protects the network with a Business Grade Firewall and also filters the internet traffic against phishing and harmfull websites for all connected devices.
Microsoft
Information regarding Microsoft products can be found on Microsoft Trust Center Overview | Microsoft Trust Center. The Microsoft Online Services SLA is published on Licensing Documents.
Cisco
Information regarding Cisco Meraki Network producs is published on Trust | Cisco Meraki and for Cisco Umbrella (internet filter) this can be found on Trust Portal - Cisco
Kaseya
Information regarding Kaseya products are found on Trust Center - Kaseya. These products are used to maintain & protect devices & cloud products.
Acronis
Information regarding Acronis products can be found on Acronis Trust Center — Full-cycle security which is the main Backup provider & for Google Workspace the e-mail security solution.
1. What are the different levels of security provided in the Express and Pro packages?
Our Express and Pro packages offer varying levels of security to meet your business needs:
Express Package: This package includes basic security measures such as antivirus protection, firewall management, and regular security updates. It is ideal for small businesses looking for essential protection.
Pro Package: This package offers advanced security features, including Managed Detection & Response, Mobile Device Management and comprehensive security monitoring. It is suitable for businesses that require a higher level of security and compliance.
2. How do these security levels help in compliance?
Both packages are designed to help you meet basic compliance requirements by ensuring that your IT infrastructure is protected against common threats. The Pro package, with its advanced features, provides additional layers of security that can help in meeting more stringent compliance standards.
3. Are these security measures sufficient for regulatory compliance?
While our security measures are robust, they are not a substitute for full regulatory compliance. Compliance with standards such as NEN/ISO requires specific controls and documentation tailored to your environment. Our Compliance Module can assist you in documenting these controls to meet certification requirements.
4. What is the Compliance Module, and how does it help?
Our Compliance Module is a comprehensive tool that helps you document and manage compliance controls specific to your environment. It provides templates, guidelines, and tracking features to ensure that all necessary controls are in place and properly documented. This module is essential for achieving certifications like NEN/ISO.
5. Can I achieve NEN/ISO certification with just the Express or Pro package?
No, the Express and Pro packages alone are not sufficient for achieving NEN/ISO certification. These certifications require detailed documentation and specific controls that must be implemented and verified within your environment. Our Compliance Module is designed to help you meet these requirements.
6. What should I do if I need help with compliance?
If you need assistance with compliance, our team is here to help. We offer consulting services to guide you through the process of implementing and documenting the necessary controls. Please contact our support team to learn more about how we can assist you.
7. Is there ongoing support for compliance-related issues?
Yes, we provide ongoing support for compliance-related issues. Our team is available to help you address any questions or concerns you may have about maintaining compliance. We also offer regular updates and training to keep you informed about the latest compliance requirements and best practices.
We hope this FAQ section helps you understand the compliance aspects of our services. If you have any further questions, please do not hesitate to contact us. Your security and compliance are our top priorities!
Policies###
Microsoft 365
The basic measures recommended by Microsoft are applied to the environment by CloudConnected. This translates into settings for, for example, MFA, sharing settings and security. We follow the Microsoft advised Password Policy to NOT enfornce passwords changes but enforce strong login with MFA.
Additional in Pro package: Protection against unwanted login attempts from devices that are not known to the company + protected login attempts from unauthorized countries. This is monitored by the 24x7 Cyber Security center and in case of alerts the team wil actively isolate the issue.
Windows
Devices managed by Microsoft 365 will receive the by Microsoft advised Baseline protection. This includes Windows 11 & Microsoft Edge. Further more Patch Management is done on a weekly base to keep the devices up to date and is described in the Computer Update Policy of CloudConnected.
Mac
Patch Management is done on a weekly base to keep the devices up to date and is described in the Computer Update Policy of CloudConnected.
Backup
Microsoft 365 / Google Workspace
A daily backup of all e-mails, calendar & documents is provided to an external Cloud with a retention of 1 year.
Workstation
In express this service is not offered.
Additional in Pro package: A daily backup of the full workstation is made to the Cloud that includes all data on the device & applications.
Protection
Microsoft 365 / Google Workspace
Incoming e-mails are scanned on harmful attachment and phishing attempts.
Workstation
Endpoint Detection and Response software is included to protect the device against malicious files. Also an internet filter is active that protects against harmful website and/or phishing links.
Additional in Pro package: A daily backup of the full workstation is made to the Cloud that includes all data on the device & applications.
Mobile Devices
In express this service is not offered.
Additional in Pro package: Mobile devices are protected against harmful applications & an internet filter is active to protect against Phishing sites.
Network
In express this service is not offered.
Additional in Pro package: You receive a Business Router from CloudConnected that protects the network with a Business Grade Firewall and also filters the internet traffic against phishing and harmfull websites for all connected devices.
GDPR & other Compliance standards from vendors
Microsoft
Information regarding Microsoft products can be found on Microsoft Trust Center Overview | Microsoft Trust Center. The Microsoft Online Services SLA is published on Licensing Documents.
Cisco
Information regarding Cisco Meraki Network producs is published on Trust | Cisco Meraki and for Cisco Umbrella (internet filter) this can be found on Trust Portal - Cisco
Kaseya
Information regarding Kaseya products are found on Trust Center - Kaseya. These products are used to maintain & protect devices & cloud products.
Acronis
Information regarding Acronis products can be found on Acronis Trust Center — Full-cycle security which is the main Backup provider & for Google Workspace the e-mail security solution.
Updated on: 14/02/2025
Thank you!