Cyber Essentials
UK Cyber Essentials
Un dispositif soutenu par le gouvernement britannique couvrant cinq domaines de contrôles techniques qui bloquent les attaques les plus courantes et non ciblées. Cyber Essentials Plus ajoute un audit technique pratique.
Who it applies to
Toute organisation britannique souhaitant un socle certifié contre les menaces Internet courantes. Exigé pour soumissionner à certains marchés publics britanniques, notamment ceux traitant des informations personnelles ou sensibles.
Technical controls
- CE-1 Firewalls10 mapped
Use firewalls to secure internet connections and protect devices, including changing default admin passwords.
- CE-2 Secure configuration10 mapped
Configure devices and software securely, removing default accounts and unnecessary functionality.
- CE-3 User access control16 mapped
Control access to data and services with least privilege and properly managed user accounts.
- CE-4 Malware protection
Protect against malware using anti-malware, application allow-listing or sandboxing.
- CE-5 Security update management10 mapped
Keep devices and software up to date and remove unsupported products.