The 5 Controls of Cyber Essentials – Secure Configuration
Leo Daniels • October 9, 2020
This is a subtitle for your new post
The ‘secure configuration’ control requires businesses to optimise all settings within their network for maximum security, and ensure system maintenance is carried out regularly to minimise opportunities for cybercriminals.
While this is a fairly easy concept to understand, ensuring compliance with this control means breaking down your network into its component parts and fine-tuning each part to be as secure as possible – a task that can seem daunting to the uninitiated.
Default settings don’t meet the standard!
Typically, factory-fresh software or hardware features default settings designed to enable maximum usability rather than maximum security. It’s common for devices to come with pre-installed software that you’ll never use, the default ‘admin’ password may be available online and you could encounter pre-configured user accounts featuring administrator-level permissions.
For Cyber Essentials compliance, you’ll have to rigorously replace such settings, and configure devices to ensure maximum security in a way that also considers your business’ needs.
A poorly configured IT system could set you up for a fall!
Applying and maintaining secure settings requires you to be on your guard! You’ll have to regularly review system settings, be proactive when it comes to maintenance and make continuous changes to settings as your business develops. A poorly configured system can have disastrous consequences.
Unauthorised Access
Managing permissions is important to avoid unauthorised access (by individuals within or outwith your organisation) to sensitive data, confidential information and system settings. Unauthorised access could result in data theft/loss, malware intrusion or deliberate or accidental changes to security settings which could present future opportunities for cybercriminals.
Poorly maintained software
Patch management is vital to keep hackers at bay. Failure to deploy security fixes leaves software vulnerabilities exposed for longer, leading to an increased chance of a devastating cyber attack.
Attackers love poorly configured systems
Upon gaining access to a network, carelessly configured security settings act as ‘open doors,’ giving intruders free-rein to inflict maximum damage. A hacker could exploit a weakly configured system by:
Gaining access to and stealing high-value data such as bank details or intellectual property.
Taking advantage of unnecessary functionality
Introducing malware via ‘plug and play’ devices, such as USB sticks.
Exploiting generous user privileges to set up a path of entry for future cyber attacks.
Keep your network securely configured – 9 key considerations
Only use up-to-date, supported Software.
Make sure you’re using software that is vendor-supported. If you’re using old, unsupported programs that are no longer being maintained by the vendor in the form of updates, you could be leaving your business exposed to cyber-attacks, as hackers are always keen to exploit vulnerabilities in outdated software.
Draw up a patch management policy
It can be helpful to create a policy document relating to the installation of security-related updates (patches). This document should include target timeframes for the deployment of new fixes, and stress the importance of minimising risk in situations where a vulnerability cannot be patched.
Draw up an inventory of all hardware and software
Creating an inventory of all the hardware and software components of your network is a good basis from which to begin configuring your network for maximum security. Consider recording details such as location, purpose, version and patch status to aid in system maintenance efforts.
Establish guidelines for secure software configuration
Draw up a set of rules which set out how software programs should be set up to ensure maximum security. You might want to include a rule that requires unnecessary apps, services and functionality to be removed or disabled or one that mandates the use of multifactor authentication wherever it’s available. Use these rules as a basis for configuring all software programmes and make a note of any special cases where these rules cannot be enforced.
Use vulnerability scanning tools.
Vulnerability scanners are widely available tools that are useful for identifying weak points across networks, applications, devices as well as online services. Consider running such a scan regularly as part of your cybersecurity routine.
Avoid removable media and disconnect unnecessary peripherals
Consider disabling ports to discourage the use of removable media such as flash drives. Such devices are common vectors of transmission for malware, so restrict the use of them if you can.
Similarly, peripheral devices should be disconnected and driver software uninstalled when they are no longer required.
Establish a list of ‘permitted applications’ and use execution controls
Create a list of secure, trusted applications that are required to perform business functions. Then use this list to identify the apps in your system that are either unnecessary or unauthorised and remove them accordingly.
You should also apply ‘execution controls’ to prevent the launching of software that isn’t on the approved list.
Grant privileges sparingly
Extend administrative privileges to users on a ‘needed-to-perform-job-role’ basis. The vast majority of your team shouldn’t need such privileges anyway, so only assign such rights to members of your team responsible for your IT and perhaps a few senior management positions.
Administrator accounts should feature basic functionality
An admin account is an ultimate prize for the cybercriminal, so reduce the chances of such an account being hacked by limiting functionality to the bare essentials.
We’re 1-fix, we can help you secure your business
At 1-fix, we take a realistic approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take. If you have any questions, concerns or would like to discuss how we might help you with your regulatory challenges, we’d love to chat. Please click the banner below to book a call, or contact us straight away on 0118 926 0084 or by email to info@1-fix.com.
Thank you for reading.
Join Our Mailing List
All sign-ups are handled inline with our privacy policy and can unsubscribe at any time.
Recent Blogs
Avoid the risks of using Office 365 Home at work. Learn why Office 365 for business is the right choice for security, scalability, and compliance.
Discover the key benefits of outsourced IT support, from enhanced cybersecurity and 24/7 monitoring to cost savings and regulatory compliance.
Stay cyber secure while travelling with 10 expert tips. Use VPNs, avoid public Wi-Fi, and protect your data on the go.
In a world where AI is changing how we work and compete, security is more important than ever. We are gathering industry leaders and AI experts for a special roundtable event. This event will focus on a key topic: AI security.
Microsoft 365 Business Basic offers a range of cloud-based services designed to empower businesses to work smarter and more efficiently. Let's delve into what this package includes and how it can benefit your organisation.
We’re excited to announce an informative webinar featuring Elliot Wilkie from Brigantia and Craig Atkins from 1-Fix, diving deep into the world of DMARC on 8th July at 2 PM . This is an essential session for anyone looking to secure their email communications, understand DMARC compliance, and enhance their email deliverability.
