Achieving Cyber Essentials certification is designed to be simple and easily manageable, whilst at the same time providing your organisation a respected standard in cyber security.
What will be assessed?
The Cyber Essentials scheme has 5 technical control themes that are assessed for certain requirements:
Firewalls are the first line of defence for your computers against attacks from the internet. Your internet router, computer and other devices will also have their own built in firewalls. We will check these are active and that they have been configured and secured.
2. Secure configuration
Devices should meet a minimum level of security, limiting who can change security related settings and install new software and applications. We will check to make sure key security controls are in place on your devices and that a secure password policy is enforced.
3. User access control
Access to important business data should be restricted to authorised users only. You should keep track of all users that have access to your systems and ensure access is revoked if they leave. Users should not use accounts with full administrative privileges on a day to day basis. Administrative accounts should only be used when you need to make configuration changes to your systems and devices.
4. Malware protection
All your user devices should have some controls in place limiting what software can run. The controls should also detect and delete any malware that might find its way on to your systems.
We will check to make sure this is in place for your devices and configured to a suitable level to meet the requirements of Cyber Essentials.
5. Patch management
All software can contain bugs that can be exploited to gain access to your systems or data. You can reduce the chance of exploitation by only downloading software you use and ensuring it is fully licensed and up to date.
We will check to make sure you have a suitable update process in place and perform some tests to check for any known software vulnerabilities that may be present on your systems.
Ready to take the next step?
Here at ACM we offer both Cyber Essentials and Cyber Essentials Plus certifications. If you’re not sure which solution is best suited for your organisation contact us now and one of our friendly team will be in touch.