Launched by the United Kingdom Government in 2014, the Cuber Essentials Scheme focuses on providing companies with clarity on what essential security controls they require to implement to reduce the risks posed by threats on the Internet. The scheme addresses the five (5) key controls that, when implemented correctly.
Our Cyber Essential Certification service helps your organisation attain the Cyber Essentials certification at the Standard or Plus level. We do this by providing security audits of your IT infrastructure, risk and gap analysis of your environment, Group Policy Object (GPO) rules and other reviews based on the assessment expectations and requirements of the independent assessor. Where the Cyber Essentials Plus service is taken then we arrange for the independent assessor to verify the environment and work with them to mitigate any areas of concern highlighted.
The 5 controls of Cyber Essentials are:
This control will apply to every company where employees have access to the internet. Internet gateways and firewalls will identify and prevent unwanted traffic gaining access to your network, computers, and systems. The controls you need to apply will include changing any default/admin passwords, ensuring firewalls are properly set up, etc
A newly installed computer or piece of software is never properly configured with its factory settings. This means if you carried on using a device on its default settings, it is open to cyber risks. All computers and network devices should be configured to reduce risk. This will include reducing or removing unnecessary software and changing default settings and passwords.
A huge number of data and cyber breaches occur from abuse of administrative user accounts within a company. Companies should aim to only let certain individuals have special access privileges according to their position and responsibilities. Companies can look to manage this by performing a number of controls, such as having unique usernames and passwords, and keeping all account information in a secure, protected location.
Where computers and systems are exposed to the internet, they will need to be protected from malware. Malware is a programme, or virus, that has been coded with the intent to perform unauthorised actions on one or more computers. Companies should at a minimum look to protect all computers that are connected to the internet via cable or wireless. Other actions include having up-to-date malware software as well as setting regular scans (daily) to ensure early detection of malware.
As with any software, there are often regular updates released to add more features and improve performance. If there are any vulnerabilities in software that hasn’t been updated, this can become a weak spot that can be used to gain access to networks and computer systems. Companies should ensure the following: remove out-of-date software, and ensure all security patches are updated soon as they are available.
If you would like any further information on how cyber essentials could help prevent up to 80% of common cyber attacks, please get in touch with us today.
Our Cyber Essential Certification service is offered at a Standard or Plus level.
We offer the complete package and lead the whole process on your behalf.
We love to hear from our customers, so feel free to get in touch during normal business hours.
JDI House, 5 Church Walk, Preston, Preston, PR2 6SZ, United Kingdom
09:00 – 17:00