Cyber Essentials from Wood ITC
October 1, 2018
Dark Fibre Fibreoptics
Dark Fibre is coming to Tameside! But What is Dark Fibre?
November 14, 2018
Show all

5 Key Areas For Cyber Essentials

Cyber Security

We are very proud to have recently achieved our Cyber Essentials certification. Cyber Essentials is about limiting risk. Our job is to help our clients to limit their risk to cyber attack by becoming compliant in the five key areas of this important government scheme.

 

Cyber Essentials for Your Business Cyber Essentials

There are stories in the news every week about victims of cyber attacks. From personal data theft to large corporate hacks. People and businesses are at risk when they go online. And it doesn’t matter the size of the victim, the attack is real and can have devastating consequences for those involved.

Mitigating the risk of cyber attack is crucial. For businesses, the risk of losing important business data which might include customers’ personal and financial information is unthinkable. Which is why businesses and authorities are taking the risk of cyber attack very seriously indeed.

The government backed Cyber Essentials scheme is a case in point. Cyber Essentials addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.

At Wood ITC we now help businesses to become compliant in these five areas. Here’s a fun down of the key areas and what is needed to become compliant.

 

1. Boundary firewalls and internet gateways

If they are working correctly, firewalls and gateways provide a basic level of protection for internet users. They do their job by monitoring all network traffic and identifying and blocking  traffic which can be harmful.

If your firewalls are weak, have not been updated often enough, or are failing to detect harmful websites, your business becomes very vulnerable.

The Cyber Essentials Objective:

To ensure that firewalls and gateways are in tact. So that only safe and necessary network services can be accessed from the Internet.

 

2. Secure Configuration

When you are implementing your IT infrastructure, it is vital that the correct security measures are put in place. This extends to all computers and network devices, including mobile.

Your business will be be vulnerable if you or your users don’t change default passwords on accounts or devices. Or if you leave ports open on firewalls. It is also advisable to make sure all data is fully encrypted.

 The Cyber Essentials Objectives:

To ensure that all network and IT systems are configured in the most secure way for the needs of your organisation.

 

3. Access Control

It is a well known fact that employees are the biggest threat to your organisation in regard to cyber security. This can be unknowingly or deliberately.

Managing employee privileges on your system is very important. Having an account management system in place which does this for you is a vital component of Cyber Essentials.

The Cyber Essentials Objectives:

To ensure that access to your systems is managed effectively and monitored. So that employees only have access at the appropriate level.

 

4. Malware Protection

Malware is a growing threat to businesses. There have been a number of high profile cases over the two years of business being affected.
Your business should have anti-malware software installed on all devices connected to the internet. It is also important to make sure that your systems are up to date in order to deal with the latest threats, and maintained to the highest standards

The Cyber Essentials Objective:

To restrict and prevent harmful code, malware and untrusted software from causing damage and accessing sensitive data.

 

5. Patch Management

Your systems are no good if they are not kept up to date. Patch management is about making sure that all your software is regularly updated. If you are using an old operating system such as Windows XP you are more vulnerable to an attack. This was the mistake which the NHS made, resulting in their huge hacking incidentlast year.

The Cyber Essentials Objective:

To ensure that all devices and software are regularly updated and therefore are not vulnerable to known security issues, for which fixes are available.

 

Become Cyber Essentials Certified

With the help of Wood ITC, you too can become Cyber Essentials Certified.  Our security experience means that we are able to help business of all sizes to secure their data assets. We can help you increase organisations security and reduce your exposure to Cyber Crime.

If you’d like to discuss how Wood ITC can help you obtain these accreditations or if you’re unsure which certification is more relevant to your business, contact us to arrange a chat with one of our specialist team.

Leave a Reply

Your email address will not be published. Required fields are marked *