We're Cyber Essentials certified - once again!
Every day, when reading the newspapers or watching the news, we will find - at least - one article about cybercrime, and it shows no signs of slowing down. Silver Lining works hard to maintain optimal cyber security - not just within the business but also within the services we provide to our customers. As you may remember, we became Cyber Essentials certified last year, and we are pleased to announce that we were assessed once again this year and have again met the requirements of the scheme.
The requirements are specified under five technical control themes:
This control is about securing our internal network against unauthorised access from the internet. Through implementation of secure firewalls, configured to only allow through trusted traffic and to block known vulnerable protocols, attacks based on exploiting weaknesses in a network from the outside can be prevented. Firewall configuration starts with setting a strong administrator password, and extends to creating numerous ”firewall rules” to maintain precise control over incoming and outgoing connections.
This control covers the process known as “system hardening”. Out of the box, computers are typically configured to be easily set up and networked, or ”plug and play”. Unfortunately, this setup is often riddled with inherent vulnerabilities: redundant user accounts, unnecessary permissions for users and programmes, enabled network protocols that pose a security risk, and many other issues. System hardening simply involves removing and disabling these features to reduce risk wherever possible.
User access control
This control boils down to the “principle of least privilege” - that a user or programme on a network should only have the permissions required to carry out its appointed task, and nothing more. User permissions should be configured on a fine-grained level across the company network, all user accounts should be secure, and credentials shouldn’t be shared, and accounts with administrative privileges should be kept on strict lockdown. This greatly reduces the risk of “rogue agents” exploiting their elevated privileges, and mitigates the threat posed by compromised systems.
This control is software-based. Malicious software makes its way onto computers in all manner of ways; through compromised websites, infected files online or on removable storage, and deceptive email links or attachments. Having robust and regularly updated protective software to eliminate these threats in the key to achieving this control. Anti-malware applications should be kept up-to-date and configured to automatically scan files on access and regularly scan the entire file system and should also block access to known malicious websites. These applications should safeguard all devices connected to the Internet.
No software is perfect; the bigger and more regularly altered a piece of software is, the more likely that vulnerabilities and exploits will be discovered. Developers of applications keep an eye out for these issues and release security patches to fix them. It’s important, therefore, that all programs across the network are kept up-to-date with the latest security patches. In the event that a piece of software is no longer being supported by its developers, it should ideally be removed from the network and a suitable replacement found, as if any vulnerability is found in this software it is unlikely to ever be resolved.
We’ve already implemented these controls within our business, and our aim is to ensure that our customers achieve the same degree of network security and stability. Our next step is to achieve the advanced Cyber Essentials Plus accreditation - so keep your eyes peeled for further news on that.
Speak to us and find out more about how we can help you become cyber secure.
Get in touch
Share this on social media:
We support Fusion People with their IT and telecommunications. Watch how they made an annual saving of 40%.
Contact us today for help or advice on your IT & telecoms and receive a FREE Costa!
The player supports TAB to change the controls. Update Required<br/>To play the media you will need to either update your browser to a recent version or update your <a href='http://get.adobe.com/flashplayer/' target='_blank'>Flash plugin</a>.