Contact-us

Information request

You have a question ? Need information? do not hesitate to contact us

+32(0)800 12 512
info@computerland.be

Customer area

Access to the information area reserved for customers:

Customer area

Services Center

Support for incidents & service requests

+32(0)800/12.712 (Fr)
+32(0)800/12.812 (Nl)
support@computerland.be

Customer services

Delivery

+32(0)4 239.89.39
logistics@computerland.be

Billing service

invoice@computerland.be

CONTACT & ACCESS MAP

You are here : > Cyber Security > Cyber Essentials

COMPUTERLAND assists you with your

CYBER ESSENTIALS Certification

Developed for businesses to prove their Cyber Security maturity, Cyber Essentials is an industry-supported UK government-funded scheme for providing guidance to businesses on how to protect themselves from Internet threats. Applying Cyber Essentials control measures can significantly reduce the risk of basic cyberattacks that are common.

Cyber Essentials certification for IT security under control!

GLOBAL APPROACH

covering 5 different fields* of application

"Cyber Essentials" CERTIFICATION
particularly suitable for SMEs

CHALLENGES
your IT environment and DETECTS security vulnerabilities

EVALUATES
your company’s level of cybersecurity efficiency

Cyber Essentials enables companies to demonstrate to their customers that they have taken the basic and essential precautions by obtaining Cyber Essentials certification.

2 levels of certification

Cyber Essentials

The company must complete a questionnaire. The answers are analysed by an independent external certification body.

Cyber Essentials PLUS

Provides a higher level of assurance by performing outsourced testing of the cybersecurity strategy implemented by the company.

Steps in the «Cyber Essentials» certification process

Management and security of Internet access (Firewall, router, etc.);
Secure configuration of servers and workstations in terms of Windows configuration, rules of good practice and associated procedures;
Access control: management of access, rights, rules of good practice and internal procedures;
Malware protection – tools, configuration of tools, rules of good practice and associated procedures;
Patch management: – patching policy, verification of IOS and application compliance (availability of security patches), rules of good practice and associated procedures.

The questionnaire

34 questions in 5 areas of application

Boundary Firewalls and Internet Gateways
Secure Configuration
Access Control
Malware Protection
Patch Management

Scope

Possibility of defining scope to limit certification to a sub-entity of the company or a particular activity or a particular site
If there is no scope, all systems at all sites must meet the requirements of certification

Liscence

All systems and software included in the scope must have a valid licence

Support

All OS, software, applications or systems must be products supported by the publisher in terms of security updates. Example : Windows XP or Server 2003 are no longer supported by Microsoft -> cannot be included in the scope. Nevertheless, by applying containment measures, it is possible to leave such systems within the scope (no access to the Internet, limited access, VLAN network, etc.)

The criteria

26 criteria in 5 areas of application

Boundary Firewalls and Internet Gateways
Secure Configuration
Access Control
Malware Protection
Patch Management

Application of the criteria

Each element present in the scope must be checked against these criteria
Not all criteria apply to all elements
Non-compliance of certain elements with certain criteria is accepted when there are technical impossibilities. In this case, alternative measures must be put in place to limit the risks.

Cyber Essentials in 4 test

EXTERNAL SCAN
Scan of vulnerabilities for external fixed IP addresses.

MAIL
Sending an email with test malware to test the effectiveness of protection measures against malware propagated via email.

SURF
Surfing a test page containing test malware to test the effectiveness of protection measures against malware propagated by websites.

INTERNAL SCAN
Internal scanning of vulnerabilities on servers with administrator rights. The purpose of this test is to verify the level of protection and to detect vulnerabilities that have not been addressed.

Added value :

Profitable investments in basic cybersecurity for companies of all sizes. Applicable and effective approach for your company too.
Eligibility for your company to meet UK government specifications.
Reduced risk of cyberattacks on your company.
Distinction from your competitors. Demonstrates that your company is taking cybersecurity risks seriously.
Certification is an element that you can bring to the attention of your insurer as part of a cyber insurance policy.

COMPUTERLAND’s proposal

Assist the customer with their certification. Advise them, prepare them.

Audit

«As-is» audit of the security level of the customer’s infrastructure.

Audit report

Containing the compliant points as well as the defective points and the recommendations for becoming compliant

Application of recommendations

Certification

The customer applies for Cyber Essentials certification and responds to the auditor

CHOOSE COMPUTERLAND

Why to choose COMPUTERLAND ?

Cybersecurity has become a necessity even for SMEs. Industry 4.0 will further increase the ubiquity of IT

Standardisation of the Cyber Essentials approach
Tools to facilitate the Cyber Essentials approach under development
Economies of scale through the reuse of these tools
COMPUTERLAND has the technical and methodological skills to lead your company to certification

TOP