Cyber Essentials, the Government-backed, industry-supported scheme that helps organisations protect themselves against the most common online threats, has recently sent out an update that says an increasing number of businesses are failing to achieve their Cyber Essentials badge accreditation.
The IASME (the Information Assurance for Small and Medium Enterprises) consortium who worked with the Government to set up the Cyber Essentials scheme accreditation, reports that failures have largely been due to the use of mobile devices that are unable to run operating systems that support that latest security updates. For example, if a business employee is using an Android 8 (Oreo) device, it needs to be upgraded to 8.1k to continue to receive security updates. IASME has said advice from Apple is clear. If you cannot install the latest OS, then the device is unsupported and not Cyber Essentials compliant.
The Cyber Essentials and Cyber Essentials Plus badges are a recognised UK standard that demonstrates a business adheres to a recognised set of online security controls and practices that limits exposure to online threats including; viruses, worms, Trojan horses and phishing. It is a ‘must have’ accreditation for any organisation participating in tenders.
Excalibur is experienced in implementing cyber security solutions for its mobile and IT customers and includes a Cyber Security Audit as standard at the start of any new service contract. This makes sure network and device security basics are covered and any potential weaknesses identified on day one, for an upgrade.
Graham Ford, Excalibur Operations Director, speaking about mobile security said: “As a supplier of mobile devices and network solutions, we have been very conscious of the need to make sure mobile phones and lap tops – personal and company – are a key consideration when looking at cyber security. Management can tend to focus on the larger elements of any security upgrade, such as network admin rights or firewall software choice, rather than the range of devices that carry the data across their network.
“We encourage and have a good track record in enabling our customers to achieve Cyber Essentials and Essentials Plus accreditations. It’s not only good practice, but stands a business in good stead for being compliant when handling others peoples data.”
Excalibur implements leading security solutions for its most mobile customers. These include the Cisco Umbrella security platform, Sophos Endpoint and Samsung Knox. We also recommend clients undertake the following actions when it comes to ensuring mobile security:
- Regular audit of mobile devices with access to company networks
- Maintain an inventory of company devices to track required replacements or upgrades
- Establish company protocol for employees when using devices at work
- Train staff how identify potential threats e.g. phishing emails, viruses
If you would like to discuss your eligibility for the Cyber Essentials accreditation, please get in touch.