Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.
.
Cyber Essentials is a simple but effective, Government backed scheme that aims to help firms to protect their organisation, against a range of the most common cyber attacks.
The Cyber Essentials guide shows the key technical controls that Boards should be aware of and all firms should look to have in place:
Firms should protect their Internet connection with a firewall. This effectively creates a ‘buffer zone’ between your IT network and other, external networks. Within this buffer zone, incoming traffic can be analysed to find out whether or not it should be allowed onto your network.
Firms should always check the settings of new software and devices and where possible, make changes which raise their level of security. For example, by disabling or removing any unnecessary functions, accounts or services and using passwords.
To minimise the potential damage that could be done if an account is misused or stolen, staff accounts should have just enough access to software, settings, online services and device connectivity functions for them to perform their role. Extra permissions should only be given to those who need them.
Firms should take anti-malware measures such as using an 'allowed list' to prevent users installing and running applications that may contain malware.
It is important that the manufacturer still supports the device with regular security updates and updates are installed as soon as they are released. This is true for both Operating Systems and installed apps or software.
Patching: manufacturers and developers release regular updates which not only add new features, but also fix any security vulnerabilities that have been discovered. Applying these updates (a process known as patching) is one of the most important things firms can do to improve security.
