What is Cyber-Essentials Accreditation?
Cyber Essentials is a set of basic security controls designed by the UK National Cyber Security Centre (NCSC) and launched in June 2014. Designed to make it easier for organisations of all sizes to protect themselves against common online cybersecurity threats.
Holding a Cyber Essentials or Cyber Essentials plus certification is now mandatory for organisations in the UK Government supply chain. They are also highly beneficial for any organisation as it demonstrates a commitment to, and awareness of, Cyber Security risks.
Netitude considers Cyber Essentials to be a starting point and a good, basic cyber security standard for most SME businesses.
-
Secure your devices and software
Confirm that computers and network devices are properly configured in order to reduce the level of inherent vulnerabilities. Change default passwords and user account names, and for privileged accounts enable features such as 2FA (two-factor authentication).
-
Secure your Internet connection
Confirm that all internet connections used in your business are protected with a firewall, creating a secure gateway between your IT systems and external networks (such as the Internet).
Confirm that only safe and essential network services can be accessed from the Internet and that all devices that connect directly to the internet have a personal firewall installed and correctly configured.
-
Control access to your data and services
Confirm that user accounts are assigned to authorised individuals and that each user has an individual and identifiable account to access your network and data. User privileges and permissions should be carefully managed in line with the "Principle of least privilege" to minimise damage should an account become compromised.
-
Keep your devices and software up to date
Confirm that all devices and software are up to date at all times, ideally with on-going patch management in place. Confirm your devices and not vulnerable to known security issues for which fixes are available.
No matter what type of phones, tablets, laptops or computers your organisation uses, it’s important they are kept up to date. This is true for both Operating Systems and installed applications or software.
-
Protect from viruses and other malware
Restrict the execution of known malware and untrusted software. Virus and Malware protection software should be installed and kept up-to-date.
Get your business Cyber Essentials certified.
Contact us to get started today.
If you require Cyber Essentials PLUS certification, we also offer vulnerability scan, assessment, remediation and certification services.
