{"id":5409,"date":"2019-10-24T10:00:38","date_gmt":"2019-10-24T09:00:38","guid":{"rendered":"https:\/\/cybersmart.com\/?p=5409"},"modified":"2021-10-05T12:02:35","modified_gmt":"2021-10-05T12:02:35","slug":"cyber-essentials-your-it-infrastructure-requirements","status":"publish","type":"post","link":"https:\/\/cybersmart.com\/blog\/cyber-essentials-your-it-infrastructure-requirements\/","title":{"rendered":"Cyber Essentials: Your IT infrastructure requirements"},"content":{"rendered":"
For<\/span> companies<\/span> aiming<\/span> to<\/span> apply<\/span> to<\/span> the<\/span> Government<\/span> Cyber<\/span> Essentials<\/span> scheme<\/span><\/a><\/span>,<\/span> it\u2019s<\/span> essential<\/span> to<\/span> be appropriately prepared and well-managed to reach all of the IT infrastructure requirements<\/span> listed.<\/span><\/p>\n Businesses wishing to take that next step and get certified through IA<\/a><\/span>SME or any other scheme must<\/span> be<\/span> fully<\/span> compliant<\/span> with<\/span> these<\/span> requirements<\/span> to<\/span> reach<\/span> that<\/span> passing<\/span> grade.<\/span> With<\/span> our<\/span> guidance, you can be Cyber Essentials ready in next to no<\/span> time.<\/span><\/p>\n The<\/span> specific<\/span> requirements<\/span> for<\/span> IT<\/span> infrastructure<\/span> under<\/span> the<\/span> Cyber<\/span> Essentials<\/span> scheme<\/span> are<\/span> split<\/span> into five distinct categories or control themes, listed<\/span> below:<\/span><\/p>\n Every device running network services, particularly desktop computers, laptop computers, routers and servers, must include a boundary firewall. This firewall prevents or restricts the flow of network traffic both inbound and outbound to prevent against cyber attacks. Under Cyber Essentials, this firewall must:<\/span><\/p>\n This requirement applies to application, web and email servers, as well as desktop and laptop computers, mobile devices, tablets, firewalls and routers. The business must ensure that all computer and network devices are effectively configured to reduce vulnerabilities and restrict functionality to role fulfilment. Under Cyber Essentials, secure configuration must:<\/span><\/p>\n User access control is a requirement that facilitates all user\u2019s access to applications, devices and sensitive business data. This process includes ensuring that user accounts are managed effectively, and additional access is only given to those who need it \u2013 such as administrative account holders. Under Cyber Essentials, user access control must:<\/span><\/p>\n Applying to desktops, laptops, tablets and mobile devices, malware protection does as it says on the tin \u2013 it protects the network and users from potential malware attacks and restricts the access of untrusted software to sensitive data. Under Cyber Essentials, malware protection must:<\/span><\/p>\n The final factor required, patch management deals with the reduction of risk by maintaining <\/span>up-to-date patches of existing software used by a business. Patches aim to fix security flaws or gaps in protection in many cases, making it vital to stay up-to-date. Under Cyber Essentials, patch management must:<\/span><\/p>\n Are you a small business looking to improve cybersecurity but not sure where to begin? Start by getting\u00a0certified in Cyber Essentials<\/a>, the UK government scheme that covers all the fundamentals of cyber hygiene.<\/p>\nFirewalls<\/span><\/h4>\n
\n
Secure configuration<\/span><\/h4>\n
\n
User access control<\/span><\/h4>\n
\n
Malware protection<\/span><\/h4>\n
\n
Patch management<\/span><\/h4>\n
\n