Published Date: 26 May 2023
What are Cyber Essentials and Cyber Essentials Plus?
Cyber Essentials is a government backed scheme that helps to protect organisations of all sizes against the most common cyber-attacks. Within this scheme there are two levels of certification, Cyber Essentials and Cyber Essentials Plus.
The first level is Cyber Essentials this certification provides reassurance that your organisations defences will protect against the vast majority of common cyber-attacks. The protection comes from having key technical controls in place to achieve the certification for Cyber Essentials.
Cyber Essentials Plus takes the protection a step further where a hands-on technical verification is carried out by a qualified third-party. A thorough audit is carried out to examine how the five technical controls are applied within an organisation, and how they may be applied more effectively.
The Five Technical Controls that are assessed as part of the certification are:
1: Firewalls are used to stop unathorised access to and from private networks
2: Secure configuration across all devices and software
3: User access control
4: Malware Protection to protect your business from malicious software
5: Patch management to keep devices and software up to date
It is important to ensure that an organisation is not vulnerable to basic attacks as it can open the doors for more in-depth unwanted attention from cyber criminals, Cyber Essentials provides that reassurance of protection. With Cyber Essentials Plus it provides the independent review, as cyber threats continue to evolve the annual review helps to ensure ongoing protection against the ever-changing landscape of cybercrime.
What it means to us being Cyber Essentials Plus Certified
1: Strengthens Our Commitment to Security
A core business value for us is that we only design and build secure applications, we have a security by design approach and our platforms of choice are chosen for their commitment to security. Achieving both our Cyber Essentials and Cyber Essentials Plus certification demonstrates and strengthens our commitment in keeping our company, customers and data protected from online threats.
2: Annual Auditing Keeps Us up to Date with Best Practises
The independent review of our applied security controls continues to be assessed and validated to ensure that we remain protected. It also keeps us to up to date with implementing best practises and we strongly believe that regular reviews are essential to maintain protection against evolving cybercrimes.
3: Protected against approx. 80% of Cyber Attacks
The five technical controls that are in place for Cyber Essentials Plus helps to keep our business and commercially sensitive data protected. These controls provide reassurance that we remain prepared for, and protected against, constantly evolving cyber security threats.
4: Enables us to work in highly regulated industries and within public sector
Cyber Essentials Plus certification is often required to work with highly regulated industries such as Financial Services are regulated by the FCA (Financial Conduct Authority) and for work within public sector. Our certification enables us to utilise our security expertise in designing and developing highly secure solutions. We understand and have undergone many security requirements such as third-party penetration testing to support customers who require that level of protection.
5: Partnering with suppliers and technology providers who also demonstrate commitment to security
Our certification confirms our commitment to security which demonstrates how we prioritise cyber security to our partners, regulators, and suppliers, in turn we seek partnerships from those who also share this commitment. We have invested in Microsoft Azure cloud where we design, build, and host all our applications due to its robust security controls. Azure embeds security into its development methodology ensuring compliance and protection, it is a platform backed by 3,500+ cyber security experts.
6: Safeguarding Our Customers
Our validated certifications provide reassurance to our customers that we take cyber security seriously and will continue to maintain our security controls and measures to keep our customers protected. We believe this provides peace of mind to our customers that their applications, data, and information is safe and secured.
How it benefits our customers?
- Place your trust in an accredited partner who takes a proactive approach to cyber security.
- Reassurance that software applications we design and develop for our customers are protected with best practise security controls for strong cyber defence.
- Our security expertise supports customers who are delivering online applications within highly regulated industries where more stringent security testing may need to be performed such as pen testing.
- Partner with an organisation that goes beyond the Cyber Essentials five controls with its security by design approach demonstrating our awareness of the potential risks posed by cyber-attacks.
- We are safeguarding all types of data against theft and loss including sensitive data, personally identifiable information, intellectual property and data for our customers.
Over the years consumers have become more aware and concerned about cybersecurity, there is much more personal information and data being captured online. Consumers seek businesses that provide reassurance and transparency with data collection and cybersecurity practises.
Finally, you can check and see which organisations are Cyber Essentials Plus certified via the National Cyber Security Centre’s open database.
We can proudly say I‑Finity is on the database with its certifications for Cyber Essentials and Cyber Essentials Plus.
Place your development needs with I‑Finity we never compromise security.