Cyber Essentials Accreditation
After jumping through a few more hoops, we have just passed our Cyber Essentials accreditation for another year.
Cyber Essentials is a Government-backed scheme that helps us protect our business (and our client’s businesses), against a whole range of the most common cyber attacks. The scheme forces firms to ask questions about how their software, hardware and networks are setup to limit malicious damage or loss of data.
For some of our clients, Cyber Essentials is a must. Along with team members’ security vetting allows us to deliver the sort of enterprise solutions usually reserved for far larger corporates.
The IASME Consortium runs the scheme in association with the National Cyber Security Centre, and there are several companies licensed to help you get through the process. A full list of certified bodies can be found on the IASME website here.
The questions asked evolve every year and have had to change to support the vast numbers of home workers and BYOD, which all offer new security challenges.
It’s a demanding process, but every business and every person needs to take cybersecurity seriously today.
Some top-line notes.
- Enforce strict passwords
- Use 2-Factor authentication wherever you can
- Always run the last software on your computers and phones
- Have a company security policy and ensure that staff adhere to it
- Only provide access to systems and networks a user needs to do their job
- Run Malware protection
The Cyber Essentials accreditation process will take you through many more questions around your compliance to these and provide some peace of mind to you and your clients.
President Trump’s Twitter was hacked not once but twice with passwords “yourfired” and “maga2020!” (He added the ! For extra security). Now I’m not saying your staff will do something as stupid as the leader of the free world but having a set of rules to follow can help prevent this sort of thing.