Everyone has been busy taking steps to secure personal data and systems in the run up to the GDPR deadline last week.
You can now assure and celebrate your success by verifying your new policies and processes against the five principles of the Cyber Essentials Quality Mark.
It’s a really useful and relatively quick and affordable assurance process for even the smallest organisation and achieving the mark gives confidence to your funders, beneficiaries and prospects that you take cyber security seriously. The Cyber Security Essentials standard is developed by the National Cyber Security Centre, they provide some very clear advice on how to protect your organisation from a cyber attack, that you can read here.
In summary, Cyber Security Essentials assures organisations adopt the following principles.
-
Use A Firewall To Secure Your Internet Connection.
Cyber Essentials Certification requires that you configure and use a firewall to protect all your devices, particularly those that connect to public or other untrusted Wi-Fi networks.
-
Choose The Most Secure Settings For Your Devices And Software.
Cyber Essentials Certification requires that only necessary software, accounts and apps are used. Any software needs to be installed securely with adequate password policies. For banking and ID administration, two-factor authentication is recommended.
-
Control Who Has Access To Your Data And Services.
Cyber Essentials Certification requires that you control access to your data through user accounts, that administration privileges are only given to those that need them and that what an administrator can do with those accounts, is controlled.
-
Protect Yourself From Viruses And Other Malware.
Cyber Essentials Certification requires that you implement at least one of the approaches suggested to defend against malware. These include Whitelisting applications for use on computers.
-
Keep Your Devices And Software Up To Date.
Cyber Essentials Certification requires that you keep your devices, software and apps up to date.
To find out the detail and apply to get verified visit The National Cyber Security Centre.
