Why do you need an IT Security Checklist?

According to the Government’s Cyber Security Breaches Survey 2017:

• 46% of all UK businesses identified a cyber security breach or attack in the last 12 months
• 6 in 10 of those who identified breaches also say the breach adversely impacted their organisation (being forced to implement new protective measures or having staff time taken up dealing with the breach)

To protect your company’s data and reputation, it is essential to ensure that the network is safeguarded against unauthorised access, data loss, malware infestations, and security breaches.

How Urban Network can help

It is now becoming more important than ever to ensure your business is protected and certified against the cyber risks. As a Gold IASME certified company and Cyber Essentials audit body, Urban Network is fully qualified to help your business achieve security compliance with the Cyber Essentials Scheme. Get in touch with our cybersecurity experts today to learn how you can improve your business security, assess current IT infrastructure and prepare a successful accreditation process.

Patch Management is one of the five key technical controls required in the UK Government-backed Cyber Essentials Scheme.

Why Patch Management is important?

Vulnerabilities or security flaws are common in software and are frequently discovered. Once known, it can quickly be exploited by malicious individuals or groups to gain access to networks and computer systems.
Vendors of applications and software will typically try to provide fixes for identified vulnerabilities as soon as possible, in the form of software updates known as “patches”.

What are Patch Management Control requirements?

• Update software regularly (including operating system software and firmware)
• Remove software that is no longer supported by vendor
• Use licensed and supported software
• All security patches are installed as soon as they are available (within 14 days), especially for ‘critical’ or ‘high risk’

About the Cyber Essentials Scheme

This is part of a series of blog posts dedicated to the five key controls of the Cyber Essentials Scheme.

Cyber Essentials is a government-backed, industry supported scheme to help organisations implement measures to help protect themselves against common cyber-attacks. The scheme focuses on the five most important technical security controls that, when implemented correctly, can reduce significantly an organisation’s vulnerability.

How Urban Network can help

It is now becoming more important than ever to ensure your business is protected and certified against the cyber risks. As a Gold IASME certified company and Cyber Essentials audit body, Urban Network is fully qualified to help your business achieve security compliance with the Cyber Essentials Scheme. Get in touch with our cybersecurity experts today to learn how you can improve your business security, assess current IT infrastructure and prepare a successful accreditation process.

Malware Protection is one of the five key technical controls required in the UK Government-backed Cyber Essentials Scheme.

Why Malware Protection is important?

An organisation should implement robust malware software on devices that have access to or are accessible from the Internet. Malware, such as viruses, worms and spyware are created and distributed deliberately to perform unauthorised functions on one or more computers. Potential sources of malware infection include malicious email attachments, downloads (including those from application stores), and direct installation of unauthorised software.

How to manage Malware Protection requirement?

Malware Protection software should:

• Be kept up-to-date either by configuring it to update automatically (with signature files updated at least daily) or with the use of centrally managed deployment
• Be configured to scan files automatically upon access. This includes when files are downloaded and opened, and when they are accessed from a network folder
• Perform regular scans of all files
• Prevent connections to malicious websites using website blacklisting (e.g. a list of malicious or suspicious website that is checked each time the web browser attempts a connection)
• Scan web pages automatically when they are accessed through a web browser (whether by other software or by the browser itself)

About the Cyber Essentials Scheme

This is part of a series of blog posts dedicated to the five key controls of the Cyber Essentials Scheme.

Cyber Essentials is a government-backed, industry supported scheme to help organisations implement measures to help protect themselves against common cyber-attacks. The scheme focuses on the five most important technical security controls that, when implemented correctly, can reduce significantly an organisation’s vulnerability.

How Urban Network can help

It is now becoming more important than ever to ensure your business is protected and certified against the cyber risks. As a Gold IASME certified company and Cyber Essentials audit body, Urban Network is fully qualified to help your business achieve security compliance with the Cyber Essentials Scheme. Get in touch with our cybersecurity experts today to learn how you can improve your business security, assess current IT infrastructure and prepare a successful accreditation process.

Access Control is one of the five key technical controls required in the UK Government-backed Cyber Essentials Scheme.

Why Access Control is important?

This control aims to ensure that only authorised individuals have user accounts and have access and at the appropriate level to reduce the risk of information being stolen or damaged. User accounts with special access privileges such as administrative accounts are often the target of cybercriminals as they have greater access to business sensitive information. When such account is compromised, it can facilitate large-scale corruption of information and disruption to business operations.

How to manage Access Control requirement?

• Have a provisioning and approval process for user account creation
• Special access privileges should be restricted to a limited number of individuals, be documented (e.g. individual details and purpose) and reviewed on a regular basis
• Admin accounts should be configured to require a password change on a regular basis
• Implement two-factor authentication, where available
• Every user should use a unique and strong password to access to applications, computers and network system
• Use administrative accounts to perform administrative activities only (no emailing, web browsing or other standard user activities that may expose administrative privileges to avoidable risks)
• Remove or disable user accounts and special access privileges when no longer required (e.g. when an individual changes role or leaves the organisation) or after a pre-defined period of inactivity (e.g. 3 months)

About the Cyber Essentials Scheme

This is part of a series of blog posts dedicated to the five key controls of the Cyber Essentials Scheme.

Cyber Essentials is a government-backed, industry supported scheme to help organisations implement measures to help protect themselves against common cyber-attacks. The scheme focuses on the five most important technical security controls that, when implemented correctly, can reduce significantly an organisation’s vulnerability.

How Urban Network can help

It is now becoming more important than ever to ensure your business is protected and certified against the cyber risks. As a Gold IASME certified company and Cyber Essentials audit body, Urban Network is fully qualified to help your business achieve security compliance with the Cyber Essentials Scheme. Get in touch with our cybersecurity experts today to learn how you can improve your business security, assess current IT infrastructure and prepare a successful accreditation process.

Secure Configuration is one of the five key technical controls required in the UK Government-backed Cyber Essentials Scheme.

Why Secure Configuration is important?

A new computer, network devices or installed software cannot be considered secure upon default configurations. Standard or factory settings often use administrator account with publicly known default password, come with unnecessary pre-installed applications and pre-enabled user accounts (sometimes with special access privileges). Computers and network devices should be configured in the most secure way to the needs of the organisation.

How to manage Secure Configuration requirement?

• Remove or disable unnecessary user accounts (e.g. guest account or unnecessary admin account)
• Change default administrative password for any user account to alternative, strong password
• Remove or disable unnecessary software (including application, system utilities and network services)
• Disable autorun feature to prevent software programs running automatically without user authorisation
• Enable personal firewall and configure to disable/block unapproved connections by default on desktop PCs and laptops
• Authenticate users before allowing Internet-based access to commercially or personally sensitive data, or data which is critical to the running of the organisation

About the Cyber Essentials Scheme

This is the second of a series of blog posts dedicated to the five key controls of the Cyber Essentials Scheme.

Cyber Essentials is a government-backed, industry supported scheme to help organisations implement measures to help protect themselves against common cyber-attacks. The scheme focuses on the five most important technical security controls that, when implemented correctly, can reduce significantly an organisation’s vulnerability.

How Urban Network can help

It is now becoming more important than ever to ensure your business is protected and certified against the cyber risks. As a Gold IASME certified company and Cyber Essentials audit body, Urban Network is fully qualified to help your business achieve security compliance with the Cyber Essentials Scheme. Get in touch with our cybersecurity experts today to learn how you can improve your business security, assess current IT infrastructure and prepare a successful accreditation process.

Access Control is one of the five key technical controls required in the UK Government-backed Cyber Essentials Scheme.

Why Access Control is important?

This control aims to ensure that only authorised individuals have user accounts and have access and at the appropriate level to reduce the risk of information being stolen or damaged. User accounts with special access privileges such as administrative accounts are often the target of cybercriminals as they have greater access to business sensitive information. When such account is compromised, it can facilitate large-scale corruption of information and disruption to business operations.

How to manage Access Control requirement?

• Have a provisioning and approval process for user account creation
• Special access privileges should be restricted to a limited number of individuals, be documented (e.g. individual details and purpose) and reviewed on a regular basis
• Admin accounts should be configured to require a password change on a regular basis
• Implement two-factor authentication, where available
• Every user should use a unique and strong password to access to applications, computers and network system
• Use administrative accounts to perform administrative activities only (no emailing, web browsing or other standard user activities that may expose administrative privileges to avoidable risks)
• Remove or disable user accounts and special access privileges when no longer required (e.g. when an individual changes role or leaves the organisation) or after a pre-defined period of inactivity (e.g. 3 months)

About the Cyber Essentials Scheme

This is part of a series of blog posts dedicated to the five key controls of the Cyber Essentials Scheme.

Cyber Essentials is a government-backed, industry supported scheme to help organisations implement measures to help protect themselves against common cyber-attacks. The scheme focuses on the five most important technical security controls that, when implemented correctly, can reduce significantly an organisation’s vulnerability.

How Urban Network can help

It is now becoming more important than ever to ensure your business is protected and certified against the cyber risks. As a Gold IASME certified body, Urban Network is fully qualified to help your business achieve security compliance with the Cyber Essentials Scheme. Get in touch with our cybersecurity experts today to learn how you can improve your business security, assess current IT infrastructure and prepare a successful accreditation process.