Become Cyber Essentials audit-ready with EventLog Analyzer
The Cyber Essentials scheme, pioneered by the UK government and supported by prominent industry members, helps organizations maintain a strong cybersecurity outlook. It defines a basic set of security controls that organizations should have in place to defend their networks from cyberthreats and ensure information security. The Cyber Essentials certification is necessary for any organization that wishes to bid for a public sector contract, which involves handling sensitive or personal data. EventLog Analyzer comes with predefined reports that help you comply with the various security controls required by Cyber Essentials.
The security controls proposed by the scheme fall under five basic categories, described below.
Boundary firewalls and internet gateways
Cyber Essentials mandates the use of a firewall to protect every device in your network that connects to the internet. Firewalls regulate traffic moving into or out of your network, and prevent connections to or from suspicious sources. The scheme requires that these firewalls be configured to meet your network's security requirements, which includes reviewing and making changes to the default settings, preventing remote access to the administrative interface, and monitoring for any unauthorized configuration changes.
Windows firewall auditing reports | Windows firewall threat reports
Similar to firewalls, you must ensure all devices and application servers are configured optimally to suit your network requirements. The default settings on any new device are likely to have all functionalities and modes of connection enabled to allow for easy access and use. This is inefficient, and may also provide attackers with an easy entry point to your network. It is therefore necessary that you configure all devices and applications to provide only the services you require and monitor their usage carefully.
Policy change reports | Configuration management reports | SQL Server auditing reports
User access control
User accounts are valuable entities in any network. The way a user account is set up determines what devices and information the user has access to. Privileged user accounts, in particular, have the highest level of access in any network. You must carefully oversee the creation, modification, and deletion of user accounts to ensure that they are used as authorized, and provide only the necessary amount of permissions required for a particular user to perform their duties.
Account logon reports | User access reports | Account management reports | SQL Server account change reports | Oracle account change reports | Printer auditing
Attackers often try to inject corporate networks with malicious software meant to steal sensitive network information or resources. You must have defense mechanisms in place to identify potential malware installations and prevent their spread through your network. You should also have rules in place governing user software installations, and monitor your network for unauthorized software use.
Removable disk auditing reports | Windows application whitelisting reports | Windows antivirus threat detection reports
It's critical to keep all your devices and software up-to-date. All devices contain at least a few vulnerabilities, and once they are discovered, attackers will waste no time in using exploits to breach your network. You should constantly scan your network for vulnerabilities, as well as apply the latest patches to your devices and applications, as and when they are made available by vendors.
Windows system event reports | Windows threat detection reports
Other security features in EventLog Analyzer
Apart from the audit reports mentioned above, EventLog Analyzer also comes with advanced security features so that you can be the first to know when a potential breach has occurred in your network. The product includes built-in rules to detect potential malware installations, and a threat intelligence module to identify communications with known malicious entities. EventLog Analyzer's detailed reports and security features make it the solution of choice for you to comply with Cyber Essentials mandates.