In our last blog we shared the fundamental information about the Cyber Essentials scheme. This blog will focus on explaining the five technical control themes in more depth.
Firewalls are designed to prevent unauthorised access in or from private networks. The set up of these devices is crucial; many cyber attacks that take place are actually preventable if hardware or software is configured correctly. A firewall is used as a buffer between the internet / other untrusted networks and the networks relating to the business. Authorised protocols, ports and applications should only be allowed to exchange data through the firewall.
Computers and network devices should be configured in a way to minimise the number of vulnerabilities and provide only the services required to fulfil their intended function. Computers are often not secure upon default installation. An ‘out-of-the-box’ set-up can often include an administrative account with a standard, publicly known default password, one or more unnecessary user accounts enabled (sometimes with special access privileges) and pre-installed but unnecessary applications or services. All of these present security risks.
User Access Control
It is important to keep access to your data and services to a minimum. This should prevent a criminal hacker being presented with open access to your information.
Obtaining administrative rights is a key objective for criminal hackers, allowing them to gain unauthorised access to applications and other sensitive data. Convenience sometimes results in many users having administrator rights, which can create opportunities for exploitation. User accounts, particularly those with special access privileges, should be assigned only to authorised individuals. User accesses must be managed effectively and provide the minimum level of access to applications, computers and networks.
It is important to protect your business from malicious software, which will seek to access files on your system. Malware can wreak havoc gaining access and stealing confidential information, damaging files and even locking them preventing access until you pay a ransom.
Protecting against a broad range of malware (computer viruses / worms / spyware / botnet software / ransomware) and including options for virus removal will protect your computer, your privacy and your important documents from attacks.
Any software is prone to technical vulnerabilities. Once discovered and shared publicly, vulnerabilities can rapidly be exploited by cyber criminals. Criminal hackers take advantage of known vulnerabilities in operating systems and third-party applications if they are not properly patched or updated.
Updating software and operating systems will help to fix these known weaknesses. It is crucial to do this as quickly as possible to close any opportunities that could be used to gain access.