Cyber Essentials | Your Digital Front Door

Updated: 2 days ago

We have been working with Roz Woodward of SECUR!OUS, one of our Trusted Partners to take a deep dive into the control areas of Cyber Essentials.


Would you go to bed at night with the front door wide open and car keys clearly visible on the hall table, along with your wallet and iPad? Of course you wouldn’t… But this scenario is an analogy of what Cyber Essentials represents to our personal and professional cyber security posture.


It comprises controls that represent our cyber front door - which can either be left wide open, or locked and monitored. It’s up to you…


What are the five controls that Cyber Essentials looks at?


Keep your devices and software up-to-date

Ensuring that all your devices’ operating systems and applications are up-to-date is very important, because manufacturers and developers regularly release patches to address security vulnerabilities that have been discovered. Cyber Essentials will enable you to identify if you are running unsupported software, and if your supported applications / operating systems are up-to-date.


Devices and software aren’t up to date = no cyber front door at all


Protect yourself from viruses and other malware

Protecting your systems with anti-virus software, intrusion detection / prevention systems would be akin to having CCTV or a security guard at your entrance, alerting you to potential threats and even stopping them on your behalf. Most popular Operating Systems include effective virus and threat protection… if all the modules are enabled. How is your configuration?


No anti-virus or intrusion protection = cyber front door wide open


Control who has access to your data and services

Would you let everyone you know have a key to your home? No way! Cyber Essentials helps you take control of who has access to your data and services. Often clients don’t understand the significance of administrator and standard user accounts, and yet getting this wrong could result in an intruder having access to far more than you’d like.


No access controls = cyber security front door ajar


Use secure settings for your devices and software

Most devices and software applications are supplied with default configurations that make getting started easy for the user. However, as above, leaving default settings can make it easier for cyber attackers to gain access to your data. Sharing user accounts and login credentials and having weak passwords also represents a significant risk.


Not using secure settings on devices and software = cyber front door closed, but on the latch


Use a firewall to secure your internet connection.

Do you have a firewall? Of course, you do! A larger organisation may have a bespoke firewall device, a smaller company or home worker will have a software firewall built into the hub or router provided by their ISP. But let me ask you this: Have you changed the default password on your firewall / router? No?


Misconfigured firewall = cyber front door closed, but not locked

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South West is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South West provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the South West does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South West is not responsible for the content of external internet sites that link to this site or which are linked from it.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South West is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South West provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the South West does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South West is not responsible for the content of external internet sites that link to this site or which are linked from it.

The Cyber Resilience Centre for the South West is a trusted resource for  support to protect businesses and third sector organisations in the South West region.

USEFUL LINKS

CONNECT WITH US

  • LinkedIn
  • Twitter

© 2021 - The Cyber Resilience Centre for the South West