Both the Cyber Essentials Basic and the Cyber Essentials Plus certification covers 5 key controls of technical configurations.
- Secure Configuration
- Malware Protection
- Access Control
- Internet Gateways & Boundary Firewalls
- Patch Management
1. Secure configuration
Configuration of both network and computer gadgets is necessary. It minimizes standard exposure and provides specific services as desired. Having a default installation for wireless access points, network, and computer gadgets does not guarantee maximum security. Remember a basic external configuration usually comes with an administrator account, extra user accounts, and a default password.
2. Malware protection
Computers and other devices connected to the internet are susceptible to malicious software. Organizations can protect their gadgets from malware infection by using malware protection software. The software detects and immobilizes malware.
3. Access control
Default user accounts should be regulated, and designated to authorised persons. Additionally, their access to networks, computers, and applications should be restricted to protect sensitive organisation data.
4. Internet gateways and Boundary firewalls
Internet gateways and boundary firewalls safeguard against illegal access and exposure from the internet. An inappropriate configuration of gadgets enables cyber attackers to access computers and obtain data with ease. Organisations can use a boundary firewall to protect against possible cyber attacks, by limiting both outbound and inbound network movement to accredited connections. This can be accomplished by administering firewall configuration settings.
5. Patch management
Network and computer gadgets running software may contain technical vulnerabilities which may be misused if discovered by cyber attackers. Firms should not only ensure that their software is effectively updated, they should regulate patches to eliminate the chances of getting cyber attacks as a result of software vulnerabilities.