Compliance

Cyber Essentials Plus

Cyber Essentials is a simple but effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

Contact
Contact

Get in touch

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Cyber Essentials Plus

Cyber Essentials is a simple but effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

Cyber-attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. Our advice is designed to prevent these attacks

Cyber Essentials Plus
APproach

What we do

Following a layered approach, the Cyber Essentials Plus assessment additionally includes an onsite technical review of the build and maintenance of the organisation’s workstations and mobile devices, including checks on: –

Patch levels of the Operating Systems

Patch levels of additional applications installed (Office, Adobe, Java, Firefox, Chrome etc)

Up to date mobile Operating Systems

Up to date mobile applications

Lock screens enabled on mobile devices

Other configuration and account handling weaknesses associated with the build of the devices.

Additionally, how the organisation manages the handling of known (but non-malicious in our test cases) malware originating from Internet downloads and emails is assessed.

Cyber Essentials Plus is a pre-requisite certifications for supplying to some elements of UK Government, Defence and Healthcare.

Features

Features of this service

Slider Arrow LeftSlider Arrow Right

Boundary firewalls and internet gateways

Cyber Essentials requires all devices that connect to the internet to be protected with a firewall. The aim, to creates a ‘buffer zone’ between your IT network or device and external networks. Reassure customers that you are working to secure yourself against cyber attack

Secure configuration

Cyber Essentials requires the applicant to be active in its management of computers and network devices.

Access control

Cyber Essentials requires the applicant to be in control of their user accounts and the access privileges granted to those accounts. Demonstrate an understanding of how user accounts authenticate and control the strength of that authentication.

Malware protection

Cyber Essentials requires a malware protection mechanism on all devices. That can be either AV software, Application allow listing, or Sandboxing.

Patch management

Cyber Essentials requires that all software is licensed and supported, and ‘critical’ and ‘high risk’ vulnerabilities are patched within 14 days.

Methodology

How we work

1
Contact

Get in touch and speak with one of the team.

2
Strategy

Strategic scoping call with our leading technical advisor to find out your exact requirements

3
RoadmaP

Tailor a roadmap to exactly what you need. We look to partner with our clients and be the trusted advisor they need

4
Onboarding

Our onboarding process is streamlined and smooth to ensue there is little to no disruption to your service

5
Continuous service

Your continuous security plan will give you the confidence in your security trusting an accredited professional partner is on hand 24/7

APproach

How we do it

Pre-Engagement

North Star will engage with the client to determine their requirements and ensure that the engagement is correctly scoped to deliver on those requirements and make sure all of the correct legal requirements are satisfied.

1
Gap Analysis

At the start at of all compliance engagements we carryout a gap analysis to gain an understanding of the current posture mapped to the required standard

1
Consultancy & advise

Our experienced industry experts will advise and consult on best practises, not only to reach the standard required but beyond with a wider security strategy in mind

1
Audit

North Star offers audit and certification services for Cyber Essentials, Cyber Essentials Plus and IAMSE Governance and can support the ISO27001 audit process

1
Report and Support

On completion we provide a comprehensive report, however we do not stop their, we offer a continued partner relationship to support your business at all times

1
CUSTOMERS

Our Happy Customers

Phone And Credit Card

From a business perspective, North Star provide an efficient, thorough, and cost-effective security service which has benefitted thinkmoney considerably over the course of the last year.

Glenn Sproule
CISO thinkmoney
thinkmoney

From a business perspective, North Star provide an efficient, thorough, and cost-effective security service which has benefitted thinkmoney considerably over the course of the last year.

Glenn Sproule
CISO, thinkmoney
SSE Utilities Solutions

Their knowledge in the subject matter was excellent and I found them easy to engage, personable and approachable.

Ian Cheshire
Enterprise IT Lead Solution Architect, SSE Utilities Solutions
Connected Tech Group

It’s really refreshing to work with experts who act as an extension of our team. North Star don’t stop at identifying issues, they are happy to work with us to solve them too.

Andrew Cockayne
CEO, Connected Tech Group
Pickfords

If you are looking for a company to really deliver on the service they are offering, I would look no further. Very quick and easy process. They completed the report within a tight timeframe and offered plenty of helpful advice!

Waseem Akram
Group IT Manager, Pickfords

Let's talk

We’re here to help! Submit your information or call the office on +44 (0)1243 670 854 and a member of our team would be happy to help.

Who is North Star?
How can we support your business?
Why work with us?

Send us a message

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Email Icon
Contact

Contact us

Please get in touch using the form below
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.