Cyber Essentials Plus Certified

I’m proud to announce that PowerON has achieved Cyber Essentials Plus certification!

Cyber Essentials Plus Logo

If you’re not aware of this certification, it’s a UK Government backed scheme that assesses an organisations security posture across 5 key focus areas with external validation to prove the controls and processes are in place for good security hygiene.

https://www.ncsc.gov.uk/cyberessentials/overview

The certification is made up of two parts. Firstly is the Cyber Essentials verified self-assessment phase which, as it sounds, consists of completing a questionnaire and having it checked over to ensure it meets the requirements by an external body that is accredited to do so by IASME.

This phase captures information about your organisation, your environment, your controls for anti-malware, application and OS lifecycle management, identity management etc

If you’ve already been through ISO27001 (like ourselves) this won’t be too much hassle as you’ll already have the controls, policies and processes in place to support it.

If not, this isn’t just a tick box exercise where you can just mark yes or no answers. Be prepared to back up your answers with data and process references etc.

People looking at computer monitors

Once you’ve completed this first stage, at which point you gain accreditation for Cyber Essentials, you can move onto the “Plus” second phase.

This phase involves an external body performing vulnerability scans across any internet exposed services you have, as well as across your internal environments. It also involves physically checking a sample of your estate to ensure they’re being patched, security controls are in place, unapproved applications can’t run and malware is blocked.

Since we deliver secure desktop design and configuration for our customers, this is nothing that we weren’t expecting, nor unprepared for thankfully.

We’ve long talked about and helped customers across:

  • Device Provisioning
  • Secure Baseline Configuration
  • OS and Application Lifecycle Management
  • Application Restrictions
  • Approved Application Delivery
  • Removing Local Admin Rights
  • Identity and Security Management
  • Starters, Leavers and Movers Process
  • Vulnerability and Security Monitoring with Defender for Endpoints

If you’re looking to gain Cyber Essentials and would like some assistance making sure your desktop environment is configured and well managed, reach out to us

I’m always happy to share what works and what to consider when it comes to user productivity impact and how we might be able to help you.

For a helpful guide to the areas you need to be focusing in on, check out my Cyber Essentials Plus video series.

Share on:

Defending your Data Against Ransomware

View our previous webinar session

Watch now
Share on Facebook
Share on Twitter
Share on LinkedIn

Related blogs

Person logging into a laptop

I Don’t Know My Password

Not knowing your password used to be a source of shame! But no longer – could it actually be the key to tighter security?

Windows 11 desktop with start menu open

Migrating to Windows 11

It’s time to start planning for Windows 11 migrations, so what needs to be considered? Plan across Hardware, Applications, Features, Security and Scheduling…