You may have heard about Cyber Essentials over the past year or so and wondered what it’s all about. Well – here we’ll explain what it is and how it can help your business.
Cyber Essentials is a simple but effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.
Addressing 5 key areas of your business – the framework aims to prevent approximately 80% of cyber incidents by simply implementing basic controls.
This control will apply to every business where employees have access to the internet. Internet gateways and firewalls will identify and prevent unwanted traffic gaining access to your network, computers, and systems. The controls you need to apply will include changing any default/admin passwords, ensuring firewalls are properly set up, etc.
A newly installed computer or piece of software is never properly configured with its factory settings. This means if you carried on using a device on its default settings, it is open to cyber risks. All computers and network devices should be configured to reduce risk. This will include reducing or removing unnecessary software and changing default settings and passwords.
A huge number of data and cyber breaches occur from abuse of administrative user accounts in a business. Organisations and businesses should aim to only let certain individuals have special access privileges according to their position and responsibilities. Companies can look to manage this by performing a number of controls, such as having unique usernames and passwords, and keeping all account information in a secure, protected location.
Where computers and systems are exposed to the internet, they will need to be protected from malware. Malware is a programme, or virus, that has been coded with the intent to perform unauthorised actions on one or more computers. Organisations should at a minimum look to protect all computers that are connected to the internet via cable or wireless. Other actions include having up-to-date malware software as well as setting regular scans (daily) to ensure early detection of malware.
As with any software, there are often regular updates released to add more features and improve performance. If there are any vulnerabilities in software that hasn’t been updated, this can become a weak spot that can be used to gain access to networks and computer systems. Organisations and businesses should ensure the following: remove out-of-date software, and ensure all security patches are updated soon as they are available.
Some of the extra benefits that certification offers, besides peace of mind are sometimes not mentioned. But they’re as follows;
- Business listing on the IASME and NCSC website
- Free cyber security insurance
- Marketing materials
IP Four Digital are a certifying body for Cyber Essentials (this means we’re licensed to do so) and so we’re experts in helping organisations achieve certification quickly and cost effectively. We also offer monthly payment options.
The cost varies with the size of your organisation but most small and medium sized companies should expect to pay approximately £550.
Certification gives you peace of mind that your defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.
If you’re interested in certification then feel free to give us a call on 020 4525 3748 or contact us here.
IP Four Digital are an IT and digital support organisation based in Lancashire.