Cyber Essentials

Cyber Essentials is a UK Government-backed certification scheme, designed to help organisations of all sizes protect themselves from against the most common forms of cyber-attacks.

Selected by industry experts, the technical controls within the scheme reflect those covered in well-established standards. Cyber Essentials offers a sound foundation of basic hygiene measures that all types of organisations can implement and potentially build upon.

If you would like a to obtain this certification and/or be taken through the process, please contact us.

The Five Cyber Essential Controls

1) Boundary Firewalls and Internet Gateways

Boundary Firewalls and Internet Gateways provide a basic level of protection for a user on the Internet.

While an antivirus helps protect your system against unwanted programs, a firewall helps to keep attackers or external threats from accessing your system in the first place.

The firewall monitors all network traffic, with the ability to identify and block potentially harmful traffic from your computer, systems and networks.

2) Secure Configuration

Refers to security measures that are implemented when building and installing computers and network devices in order to reduce unnecessary cyber vulnerabilities.

Aspects such as ensuring access to certain files is only to those who need it, no unnecessary software is installed on network devices, and there is a consistent software installation process, all of which are essential for your businesses’ security.

3) Access Control

Access control regulates who or what can view or use resources in a computing environment.

There are two main types of access control: physical and logical. Physical access control limits access to campuses, buildings, rooms and physical IT assets. Logical access limits connections to computer networks, system files and data.

4) Malware Protection

Protecting against a broad range of malware (including viruses, worms, spyware, botnet software and ransomware) with effective software solutions to protect against malware, can make all the difference in information security for your business.

5) Patch Management

Patch management is an area of systems management that involves acquiring, testing, and installing multiple patches to an administered computer system.

Patch management tasks include: maintaining current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation, and documenting all associated procedures, such as specific configurations required.

Ready to get certified?