The Cyber Essentials and Cyber Essentials Plus certifications are helpful tools for bettering your organisation’s cybersecurity strategy and protecting your IT infrastructure against cyber threats. With automated endpoint management, Automox makes it easy to patch, configure, control, and secure your endpoints in support of your organisation’s certification.
The Cyber Essentials protocol, as defined by the National Cyber Security Centre, defines five primary technical control themes:
1. Firewalls
2. Secure configuration
3. User access control
4. Malware protection
5. Security update management
Implementing and maintaining these controls help organisations protect themselves from common cyber attacks, including phishing attacks, and ransomware and other malware attacks.
Automox supports the implementation of eight of the ten secure configuration and security update management controls.
How Automox Helps with Cyber Essentials Compliance
Firewalls:
Automox can help with your security configurations and assist with the implementation and distribution of endpoint firewall solutions, but this control area isn’t a core tenant of Automox’s functionality.
Secure Configuration:
Remove and disable unnecessary user accounts (such as guest accounts and administrative accounts that won’t be used)
Yes, Automox supports this ability via Worklets
Change any default or guessable account passwords (see password-based authentication)
Yes, Automox supports this ability via Worklets
Remove or disable unnecessary software (including applications, system utilities and network services) Cyber Essentials: Requirements for IT infrastructure v3.0 9
Yes, Automox supports this ability via Worklets
Disable any auto-run feature which allows file execution without user authorisation (such as when they are downloaded from the Internet)
Yes, Automox supports this ability via Worklets
Ensure authentication of users before allowing access to organisational data or services
No, Automox does not have native capability for this control area
Ensure appropriate device locking controls (see “device locking”, below) for physically present users
Yes, Automox supports this ability via Worklets
User Access Control:
Automox can help with your security configurations and assist with the implementation and distribution of user access providers, but this control area isn’t a core tenant of Automox’s functionality.
Malware Protection:
Automox can assist with the distribution of malware protection solutions, however, this control area is not a core tenant of Automox’s functionality.
Security Update Management:
All software on in scope devices must be:
Licensed and supported
Automox provides endpoint software inventory but not licence management.
Removed from devices when it becomes un-supported or removed from scope by using a defined “subset” that prevents all traffic to / from the internet
Yes, Automox supports this ability via Worklets
Have automatic updates enabled where possible
Yes, Automox supports this via default patch policies
Updated, including applying any manual configuration changes required to make the update effective, within 14 days* of an update being released, where:
The update fixes vulnerabilities described by the vendor as ‘critical’ or ‘high risk’
The update addresses vulnerabilities with a CVSS v3 score of 7 or above
There are no details of the level of vulnerabilities the update fixes provided by the vendor
Yes, Automox supports this via default patch policies and/or Worklets depending on the vulnerability in question