Cyber Essentials is a Government-backed scheme to help businesses protect themselves against the five most common online threats, detailed below. Once you’ve signed up, your customers and the people you do business with can be certain you take cybersecurity seriously.
The versatility of Cyber Essentials makes it suitable for all organisations, no matter the size or the sector. The Federation of Small Businesses, the CBI and a host of insurance organisations all back Cyber Essentials also.
The awarding of many Government contracts – particularly those involving the handling of sensitive information – require bidders to be certified by Cyber Essentials. The reassurance it offers helps you win clients and keep them by demonstrating your commitment to their online safety.
Cyber Essentials: Building a firewall
A firewall is a protective layer between your IT network and the outside world. Within the safe zone it creates, threats to your online security can be determined and snuffed out before they can do any damage. Some people prefer personal firewalls on their laptops or PCs. For bigger organisations or businesses handling lots of personal information, a company-wide firewall around your entire network might be more appropriate. Without a functioning firewall, you cannot be Cyber Essentials certified.
Keeping yourself safe
It’s always exciting to fire up a new laptop or phone or to integrate a new piece of software into your IT framework. But how can you be sure it’s safe? One way is to check your security settings and, where appropriate, raise them. Disable any accounts that are not being used and turn off any functions you don’t need. Protect every piece of equipment – phone, laptop, PC with a difficult-to-crack password. If you leave a default password on a device, you’re leaving the front door open to criminals. Two-factor authentication – for example, a code sent to your phone to verify your identity before you can log onto a website – is also a common way to keep information safe.
Setting the right permissions
Does John from the post room really need unfettered access to the company’s sales ledgers? If not, don’t let him have it. Ensuring all employees only have access to the accounts they really need helps you keep everything safe. Administrative accounts are only for those people with administrative privileges. It’s also important to stay on top of what software people can download. Stick to reputable sites like Apple’s App Store for mobile downloads. Hiding in an unauthorised download is a common entry tactic for malware.
Show malware and viruses the door
One of the ways hackers use malicious software is by rendering your IT system inoperable until you pay a ransom. One virus can infect dozens of users, harvesting financial data or personal information. Most popular operating systems have a free anti-malware programme built-in, Microsoft’s Defender, for example. Other tips to keep you safer include not logging onto unknown wi-fi networks and ensuring you activate apps to help you find lost phones or laptops. IT departments can also limit the amount of applications allowed on a device, known as whitelisting. Alternatively, a sandboxing programme puts suspect emails or attachments in an isolated environment while it checks them out, insulating your network from any damage.
Keep up to date
The most basic way of ensuring your online safety is by keeping your devices up to date. Every so often, manufacturers will release updates which not only add new features but also address any security issues. It’s best to keep your phone or laptop set to automatically install any updates – that way, you never have to worry about it. And when your kit no longer supports the updates, it’s time to consider a replacement.
How Allteks can help
Cyber Essentials certification can only be achieved by adhering to the steps outlined above. The expert project managers at Allteks can walk you through that process – from the implementation of a firewall to verifying your security settings.
From our Maidstone head office, Allteks specialises in creating and managing bespoke IT infrastructure and support solutions to businesses across Kent, London, Surrey, Essex, Sussex and the rest of the UK. We are a market-leading managed IT service provider, offering IT support and solutions to businesses large and small since 2000.
So, whether you are considering outsourcing part or all of your IT support, or are looking for an IT consultancy, we can create a bespoke solution that fits your company’s needs. Contact us today for a free two-hour consultation.