In today’s world, threats are all around us and none more so than criminal cyber activity. Whether it is viruses, phishing, ransomware or the many other types of attack, the threat is constant and real. As a result, we have to remain vigilant to keep both our company and our customers safe. To support this, we have been granted the Cyber Essentials Plus accreditation, a widely recognised and credible certification of an organisation’s approach and adherence to security best practice.
What is Cyber Essentials Plus?
Cyber Essentials Plus covers five main elements:
- Secure configuration
- User access control
- Malware protection
- Security update management
Within these core areas, we have certified the configuration, control, management and use of:
- Desktop, laptop and mobile devices
- Network edge protection, including firewalls
- User authentication and access control
- Antimalware protection
- Security update solutions
Finally, the ‘Plus’ bit of Cyber Essentials has to be completed. This is a hands-on verification of all the elements covered by the certification, completed by a National Cyber Security Centre-authorised partner.
What else have we done?
While Cyber Essentials is critical to ensure that our infrastructure, applications and services are secure, we have gone a step further and have reviewed, refined and, where necessary, created security-focused policies and setup a customised training programme. Every member of staff will need to complete the training and certify that they have read, understand and will follow the policies.
What happens now?
Gaining the Cyber Essentials Plus accreditation is a key milestone for Silversands and helps to demonstrate our desire to be as secure as possible for the benefit of ourselves and our customers. We cannot and will not rest here, though. The Cyber Essentials accreditation needs to be fully validated annually and so, at the next anniversary, we will not only need to prove that the protective configurations, services and solutions remain in place and effective to maintain Cyber Essentials Plus, but we will also be asking our staff to complete a training refresher and re-accept the policies.
Ultimately, the combination of Cyber Essentials Plus certification, together with the associated training programme and policies, means that we are well protected against security breaches, ransomware attacks, data loss and many other cyber threats.
Where can I find more information on Cyber Essentials?
To find more information on this accreditation, you can check out the National Cyber Security Centre website.