IT Support &
Business Software

Cyber Essentials: Protect your business from Cyber-Attack

Share

IT security servicesIT security remains as important as ever as, with cyber-attacks doubling in number last year. Cyber Essentials is a government led initiative that helps protect your business against the most common cyber threats. At the same time, it allows you to demonstrate your security commitment to customers and suppliers. The scheme provides 5 security controls that, according to the UK government, could prevent around 80% of cyber-attacks.

Certification starts from as little as £300+VAT and can help you meet your business GDPR compliance requirements.

 The Five Key Control Themes

Cyber Essentials is categorised into the 5 headings below:

  • 1. Firewalls: securing your internet connection by using a firewall.

This creates a ‘buffer zone’ between your IT network and other, external networks to ensure that only safe and necessary network services can be accessed from the internet. Every device that is in scope must be protected by a correctly configured firewall.

  • 2. Secure Configuration: choosing the most secure settings for your devices and software.

This requires you to check the settings of all new software and devices, manage passwords effectively and remove or disable any unnecessary users, functions or software. For ‘important’ accounts, such as banking and IT administration, two-factor authentication should be used.

  • 3. User Access: providing users with the least access required to perform their roles.

This minimises the potential damage if an account is misused or stolen. Staff accounts should have just enough access to software, settings, online services and device connectivity functions to perform their roles. Extra permissions and administration privileges should only be given to those who need them.

  • 4. Malware Protection: protecting from viruses and other malware by using anti-malware measures.

These should be installed on all computers, laptops and mobile devices to detect and disable malware before it causes harm. In addition, whitelisting prevents users installing and running applications that are not included on an approved applications list. Finally, where possible, untrusted software should be run in an isolated environment with restricted access to the rest of your devices and network. This is known as sandboxing.

  • 5. Patch Management: updating your devices and software with the latest releases by manufacturers and developers.

These updates, known as patches, not only add new features but fix any identified security vulnerabilities. Effective patch management is one of the most important factors in improving your security.

How can PCR help?

In order to achieve Cyber Essentials certification, you need to review your IT network and where necessary, implement changes to policy and technology. PCR will guide you through the entire process, from initiating your application to reviewing your infrastructure and then implementing recommendations. For more information on how we can help, please get in touch.


Testimonials

Max Somper Metamark

PCR are very much on the same page as ourselves. They're very flexible, pragmatic about response, efficient, and they've always been the best choice for us as a business.

David Stocker Kingfisher Inks

We can always depend on PCR to offer us excellent service in terms of support for Pegasus and our IT network. Their advice is always tailored to our requirements and situation, and we can rely on them to ensure that it is the best solution for us.

John Higgins Duchamp

We would recommend PCR as a good IT support partner to have on a day-to-day basis and for practical advice.

Contact us now