KACE is an excellent toolset to work towards, or achieve CyberEssentials certification. Functionality within KACE empowers the user to automate the steps towards certification.
Just basic functionality is used
- Smart Labels
- Managed Installations
- Software Metering
- Feature Updates
- Security Patching and Updates
To find out a a bit more about how Indigo Mountain runs a customer Cyber Essentials project, download our process whitepaper here
Cyber Essentials is a United Kingdom certification scheme designed to show an organisation has a minimum level of protection in cyber sercurity through annual assessments to maintain certification.
Backed by the UK government and overseen by the National Cyber Security Centre (NCSC). It encourages organisations to adopt good practice in information security. Cyber Essentials also includes an assurance framework and a simple set of security controls to protect information from threats coming from the internet.
The certification will undergo substantial changes from January 2022 including bringing all cloud services into scope and a new section on Multi Factor Authentication along with changes on passwords and pins.
The Cyber Essentials program provides two levels, the first is self-certification and the second requires independent validation of claims made:
Commonly referred to as mark your own homework, organisations self-assess their systems, and then complete an online assessment.
There is no third party verification of the accuracy of the answer
Cyber Essentials Plus
The same as the basic but with independent validation by an accredited third party.
Systems are independently tested, and Cyber Essentials is integrated into the organisation's information risk management.
IASME has incorporated the Cyber Essentials into the wider IASME information assurance standard.
As with ISO/IEC 27001, organisations may choose to limit the scope of certification to a certain subset of their business and this must be disclosed on their certificate.