Cyber Essentials Scheme 

Cyber Essentials is a new Government backed and industry supported scheme to guide businesses in protecting themselves against cyber threats. KITC is offering a new service where we look at five simple technical measures which can be taken by all companies to make businesses ready to be Cyber Essentials Certified. This is performed via an onsite consultation to guide you through a questionnaire to assess your current cyber security proficiency. This will be your first step towards Cyber Essentials Certification. 

Secure Configuration 

Computers and network devices cannot be considered secure upon default installation. A standard, ‘out-of-the-box’ configuration can often include an administrative account with a pre-set default password which is publicly known, one or more unnecessary user accounts enabled and pre-installed but unnecessary applications, often called bloatware.

Boundary Firewalls and Internet Gateways 

Information, applications and computers within the organisation’s internal networks should be protected against unauthorised access and disclosure from the internet, using boundary firewalls, internet gateways or equivalent network devices. Advice and guidance on adopting good cyber security practices.

Access Control 

User accounts, particularly those with special access privileges (e.g. administrative accounts) should be assigned only to authorised individuals, managed effectively and provide the minimum level of access to applications, computers and networks.

Patch Management 

Patch management is a strategy for managing patches or upgrades for software applications and technologies. A patch management plan can help a business or organization handle these changes efficiently.

Malware Protection

Produce policies that directly address the business processes (such as email, web browsing, removable media and personally owned devices) that are vulnerable to malware. Scan for malware across your organisation and protect all host and client machines with antivirus solutions that will actively scan for malware. All information supplied to or from your organisation should be scanned for malicious content.