Cyber Essentials Readiness

Most businesses are IT based these days. Your systems going offline, or your data being corrupted or lost would be severely damaging and potentially costly - in time, money and reputation.

Taking your business offline is simply not an option; it is likely than many of your processes rely on Internet connectivity.

You need to get safe online, and whilst a good firewall and good anti-virus was enough in the past, now it isn't. Even the best firewalls and anti-virus let some threats through eventually, and you can't afford to take that risk.

The Cyber Essentials program is a set of technical measures and controls that, when fully implemented, can reduce your risk of serious infection and attack to almost negligible levels.

Dental IT Ltd is not a Cyber Essentials assessor; this has to be done by an independent third party . Dental IT Ltd is able to offer a Cyber Essentials Readiness program, that will take all the necessary steps to ensure, and guarantee, that your network is able to pass a Cyber Essentials Plus certification process. Dental IT Ltd is unique in the dental market in being the first national provider to help a dental practice to achieve full Cyber Essentials Plus certification.

The technical measures include (but are not limited to):

  • Ensuring all Operating Systems and software on the network are patched, free of vulnerabilities, and maintained up to date.
  • Ensuring that all users operate as restricted standard users, and not as administrators.
  • Ensuring that users can only run the software that they are allowed to run, and no other software (SRP - Software Restriction Policies).
  • Ensuring that all workstations are built to a standard, locked down image.
  • Ensuring that all firewalls and AV are configured for maximum threat protection.

System requirements:

Servers:

SBS 2008 and SBS 2011 systems cannot be fully compliant with Cyber Essentials. Any such networks would need to be rebuilt with Server 2012 or Server 2016 based servers in order to gain compliance. SBS 2008 includes a number of elements that cannot be compliant (including Exchange 2007); both SBS 2008 and SBS 2011 include various web applications that will not pass Cyber Essentials internal or external scans. Further, if you have an HP G6 or older server, you will not be able to install Server 2012 or Server 2016 to it, as these are not supported operating systems for these servers (see here).

Workstations:

It is not possible to comply with Cyber Essentials unless your workstations are all to the same locked down build. Maintaining different builds for different workstations is expensive and difficult to manage and support. We recommend that, if possible, all workstations are modern (core i3, i5, i7) PCs, running Windows 10 pro, ideally the same make and model.

Firewall and Antivirus

We recommend, install, configure and support commercial grade firewalls from Watchguard, Sonicwall, and Untangle. Our recommended AV is Symantec Endpoint Cloud.