Cyber Essentials

By Ian, Technical Director

Cyber Essentials is a government backed scheme to allow companies to self certify the processes that they have in place to protect against cyber attacks. Cyber Essentials lists the common attack vectors, and encourages you to think about how you protect your computers and the data they contain. Certification gives you peace of mind that a company's defences will protect against common threats.

So why didn't Epix do this years ago? Mostly because the certification process doesn't suddenly make you safer. We have been providing internet-accessible solutions since 2001, and had always-on internet since before ADSL - so we were already well used to managing firewalls, port forwarding, server patching, securing remote access, and designing audit and security into our own solutions and protecting against exploits for over 20 years. Being "Cyber Essentials Certified" doesn't require you to do anything new if you are already taking the correct defensive measures, and it doesn't suddenly make you magically secure. None of our customers were asking us to be certified, and we weren't losing sales because we didn't have the logo, and from a technical perspective we really didn't see why it mattered. We were already taking security seriously.

Cyber Essentials

Always Secure -v- Certified Secure

Ok, so why did we bother doing it now if there was no point to it? The short answer is because it was easy to do! We had some time on our hands (support has been a little quieter than normal for the last 3 months!), and thought we'd give it a go. The process took about 2 hours to walk through the certification process, gather evidence, and confirm that we had the correct processes in place.

Our solutions are now just as secure as they always were, but now you can be more confident that our own internal processes that we have developed over the last 20 years align with industry standards.

What Does This Mean For You?

Probably the biggest effect this has on our customers is that we now tick one more box on their tenders. The tendering process often asks questions about your suppliers, and their processes. As IT is often such a central part of what Local Authorities and Housing Associations focus on in their tenders, we regularly assist our customers when they are completing the ITC elements of a tender, and Cyber Essentials has been appearing more and more often recently. This isn't just a box ticking exercise - this is the natural effect of using procurement to improve standards.

Should You be Certified Too?

The process was quick, and easy, and cheap to complete. If you have never really thought about your cyber security beyond anti-virus software, then the certification process is a fabulous place to start looking critically at your own processes. Certification won't make you magically secure, but it will highlight to you what the risks are. If you are already aware of the threats, and have strong internal policies on elements like firewalls, authentication, and patch policy, then probably Cyber Essentials isn't going to give you anything useful - but if those words mean nothing to you then you should apply for self-certification today. Cyber Essentials is a good way for the government to influence us all, and educate us.

If you don't know where to start then get in touch and we can give you details of how we did it - there are lots of providers out there who will support you through the certification process, and it shouldn't cost more than £300.

NextHint of the month: F-Gas logs
How to Write a Good CVPrevious

Interfacing

Communicating with other systems is often required, and we're upto the task.

Read More...

Job Control

Developed since 1991, our software increases efficiency, visibility and control throughout the lifetime of a job.

Read More...

Mobile Working

Engineered from the ground up as a tool for responsive repairs and servicing on a high–performance platform.

Read More...

Navigation


Follow Us




 

 

Our Vision



Why contact Epix? We are different to most other software firms: we are engineers who can write software and as part of our approach whenever a customer contacts us we ask the following: What are the problems they are facing? What is consuming their time? What could be done better? How much money can we save them? How can we make them more successful? We have 28 years experience of providing solutions that are affordable and work. And we don’t stop when the system is installed – we continue to spend time with our customers as their businesses grow, enhancing our systems to give them the features they need – and keep them ahead of the competition.