In order to achieve Cyber Essentials certification, your IT infrastructure is tested on the following 5 technical controls.
- Firewalls
- Secure Configuration
- User Access Control
- Malware Protection
- Patch Management
Firewalls
The purpose of these devices is to prevent unauthorised access to or from private networks, but a good setup of these devices is essential to ensure that they function effectively.
Using boundary firewalls and Internet gateways, you can control who can access your system from the Internet and where your users can go.
While antivirus software protects your system from viruses and malware, a firewall prevents attackers or external threats from accessing your system.
A firewall’s security can be adjusted just as any other control function (also known as a firewall’s ‘rules’).
Secure Configuration
The configuration of web servers and application servers plays a crucial role in cyber security. It is possible to suffer a wide variety of security problems if your servers are not configured properly.
In order to minimise vulnerabilities in computers and network devices, they should be configured to provide only the services required to accomplish their intended functions.
By doing this, unauthorised actions can be prevented and only the minimum amount of information about each device is disclosed to the Internet. Scans can reveal vulnerabilities in insecure configurations that may be exploited.
User Access Control
Keep access to your data and services to a minimum. You should be protected from hackers accessing your information openly this way.
Obtaining administrator rights is an essential goal for criminal hackers, who can then access sensitive data and applications without authorisation.
Due to convenience, many users may have administrator rights, which can be exploited.
Special access privileges should be assigned only to authorised individuals, managed effectively, and provide the minimum level of access to applications, computers, and networks.
Malware Protection
Your business must be protected from malicious software that seeks access to files on your system.
By gaining access and damaging your files, the software can wreak havoc, and even lock you out until you pay a ransom.
The best way to protect your computer, your privacy and your important documents is to take steps to prevent malware attacks (such as computer viruses, worms, spyware, botnet software and ransomware).
Patch Management
Technical vulnerabilities exist in all devices and software. Once vulnerabilities are discovered and shared publicly, cybercriminals can exploit them quickly.
Those who fail to patch or update operating systems or third-party applications are vulnerable to criminal hackers.
It is recommended that you update your operating system and software in order to address these weaknesses.
Taking this action as quickly as possible is crucial to closing any opportunities for access to the system.
Why choose JMV solutions?
Since 2012, JMV Solutions has provided IT Support for a wide range of small and medium sized businesses throughout Devon and Cornwall. Our company is formed of a personable, friendly and expert team of IT and Security experts that have your best interests at heart. We protect your business, your valuable data, and help sustain your compliance requirements against a rapidly growing cyber threat. Contact us today to learn more.