Touchstar awarded ‘Cyber Essentials Plus’ certification
27 February 2024
Touchstar
awarded ‘Cyber Essentials Plus’ certification
In February
2024, a team of external assessors conducted a thorough review of multiple IT
processes and controls with the objective of evaluating the robustness of
Touchstar’s protection against cyber attack. We are pleased to announce that as
a result of the assessment Touchstar was awarded ‘Cyber Essentials Plus’
status.
What is
Cyber Essentials?
Cyber
Essentials is an effective, Government backed scheme that will helps protect
organisations, whatever their size, against a whole range of the most common
cyber attacks.
Cyber
attacks come in many shapes and sizes, but the vast majority are very basic in
nature, carried out by relatively unskilled individuals. They’re the digital
equivalent of a thief trying your front door to see if it’s unlocked.
The Cyber
Essentials process is designed to prevent these attacks.
There
are two levels of certification:
Cyber
Essentials
A
self-assessment option gives companies protection against a wide variety of the
most common cyber attacks. This is important because vulnerability to basic
attacks can mark organisations out as target for more in-depth unwanted
attention from cyber criminals and others.
Certification
gives peace of mind that company defences will protect against the vast
majority of common cyber attacks simply because these attacks are looking for
targets which do not have the Cyber Essentials technical controls in place.
Cyber
Essentials shows organisations how to address those basics and prevent the most
common attacks. However, as an organisation itself rooted in IT development,
Touchstar felt compelled to comply with the more rigorous approach of the
‘Plus’ classification.
Cyber
Essentials Plus
Cyber
Essentials Plus still has the Cyber Essentials trademark simplicity of
approach, and the protections needed to put in place are the same, but for
Cyber Essentials Plus a hands-on external technical verification is carried
out.
Scope
The requirements of the Cyber Essentials Plus certification are
organised under five technical controls:
1. Firewalls
2. Secure configuration
3. Security update management
4. User access control
5. Malware protection
Further details on the Cyber Essentials & Cyber Essentials Plus
certifications can be found at About Cyber Essentials- NCSC.GOV.UK .