Cyber Essentials is a scheme designed by the Government to make it easier for businesses of all sizes to protect themselves against cyber attacks. It is mandatory for organisations in the UK Government supply chain, but highly beneficial for any other business as it demonstrates a commitment to Cyber Security.
The scheme sets out five security controls to protect organisations against the most common cyber threats. You can complete a self-assessment questionnaire to see how your business measures up against the five security controls listed. This will help you decide whether you’re in a position to apply for a Cyber Essentials accreditation badge. We’ll talk more about how to apply later, but first, we’ll take a look at what the five security controls are and how you can ensure your business has them in place.
- Secure configuration
This refers to security measures that are implemented when building and installing computers and network devices. When configuring computers and network devices, you need to ensure this is implemented in a way that limits vulnerabilities.
Vulnerabilities may include using default passwords across systems and devices, user accounts with unnecessary access privileges, a poor software installation process, amongst many more. Put a formal configuration management process or system in place to ensure consistency across all devices your business uses, including devices which your employees may bring in and use for work.