Cyber Essentials is a simple yet incredibly effective UK Government backed initiative supported by the NCSC (National Security Centre), suitable for any organisation, of any size, in any sector.
Designed to protect organisations against the most common cyber-attacks, it's a certification that we recommend to all our customers and one that we first-hand experience of achieving.
Does my organisation need Cyber Essentials certification?
As a managed IT services provider with a strong focus on ensuring our customers have modern and secure IT environments, we are strong advocates of Cyber Essentials certification.
Organisations need to consider that cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. Therefore, in committing to Cyber Essentials you'll access an effective and affordable way to reduce your organisation’s exposure to these attacks.
In kicking off your Cyber Essentials journey we'll work with you to analyse your current environment, identifying the areas you need to focus on to achieve certification. Key questions to consider include
- Do you have a password policy?
- Do you know the minimum standard of passwords in use?
- Do you know that all passwords have been changed from their default?
- Are all operating systems, firmware and applications supported and up to date?
- Are all user accounts of staff who are no longer with the organisation deleted or disabled?
- Do you know which staff have administrative level accounts?
- Do staff that have administrative accounts only use these accounts for administrative purposes and not for daily use?
Achieving Cyber Essentials certification
Our Cyber Essentials certification process is tried and tested across many of our existing customers, meaning we can quickly get your path towards certification mapped out and delivered. Once achieved, your organisation will benefit from:
- The peace of mind that comes from having confidence in your organisation's security measures
- Improved customer confidence, assured that you are taking measures to protect them against cyber threats
- New business opportunities, again with the assurance that you are protecting customers
- Cyber insurance, included within successful certification
- Capability to tender for Government contracts, where certification is a requirement
Ready for Cyber Essentials Plus?
With Cyber Essential Plus you'll have the highest level of certification offered under the Cyber Essentials scheme. Your organisation will need an even stronger, more robust cyber security environment than necessary for Cyber Essentials, with particular focus in areas such as phishing attacks and hacking. We can take you through the Cyber Essentials Plus process, kicking off with a review of your current set up.
What controls are required for Cyber Essentials?
Boundary firewalls and internet gateways
Establish network perimeter defences, and firewall policies to detect and block access to known malicious domains and prevent users’ computers from communicating directly with the Internet
Malware protection
Build and maintain malware defences to detect and respond to known attack code
Patch Management
Patch known vulnerabilities with the latest version of the software, to prevent attacks which exploit software bugs
Whitelisting and execution control
Prevent unknown software from being able to un or install itself, including AutoRun on USB and CD drives
Secure Configuration
Restrict the functionality of every device, operating system and application to the minimum needed for business to function
Passwords and access
A password policy is essential, along with limiting normal users’ execution permissions and the least privilege principle
Cyber Essentials Certification with Kick ICT
We deliver a two-day engagement to assess your organisation’s levels of protection against a wide variety of the most common cyber-attacks. This is important because vulnerability to simple attacks can mark you out as target for more in-depth unwanted attention from cyber criminals and others. We'll then work through the assessment process, identifying any areas that require improvements before submitting the assessment for formal accreditation. Get in touch to discuss your organisation's requirements.
Why Kick for Managed IT Services?
We’re a long established provider of managed IT services, with a proactive and predictive approach to phone, remote and on-site support available to our 10,000 users.
With over 300 years combined experience supplying managed IT services, we delivered over 300 projects in 2019 alone across a wide range of technology platforms, and with accreditations including Microsoft Gold, Citrix Silver, SolarWinds Elite and StorageCraft Premier, you can trust in our expertise - we’re here to help.
Ask the Experts
We're Here to Help
Whether you are ready to start scoping or just want to discover more about Kick ICT, our experts are at hand to help