Network Security Solutions

An administrator is someone who is in charge of the settings and controls of a computer. Someone using an administrator account can view every file on the system, including any account maintenance, billing and subscriptions, change system-wide system settings, run all installed programs, add new programs, install new hardware drivers and change the usernames and passwords of other user-accounts. These are therefore known as ‘admin tasks’; tasks that require the permissions of an administrator account to perform. 

This is a list of internet addresses, protocols or applications that you know is safe to use and that you need to access. The list can be added to certain types of software, which receive communication from people you don’t know, so that anything that is not in the ‘allow list’ is blocked from being passed on, opened or installed. These lists may be used to filter email, to filter communications coming into a company network, limit a browser to specific websites or to limit which apps a mobile phone user is able to install. 

Anti malware is a type of software program created to protect computers and IT systems from malware. Anti-malware programs should be configured in line with vendors’ best practices. 

Applicant refers to your organisation which is seeking certification, or sometimes the individual who is acting as the main point of contact, depending on context. 

When software is downloaded onto a computer, the operating system checks for a digital certificate to assure the safety of the software attempting to be installed. If no digital certificate is found, then the user is alerted to this fact, and prompted to either stop or continue the installation. A digital certificate is applied to software/applications by the process of code signing which utilises public key cryptography. Code signing is an operation where a software developer or distributor digitally signs the file being sent out, to assure users that they are receiving software that does what the creator says it will. The signature acts as proof the code has not been tampered with or modified from its original form. 

This is the name of a subset of software that run inside of an operating system (rather than being an operating system themselves) to provide specific functions (word processing, web browsing, games etc.) to the user. 

Examples of application software include: Microsoft Office, Spotify, Zoom, Slack, Firefox and VLC Media Player.  

The approved software or application list is a list maintained by the organisation identifying reputable trusted sources of software. A list of approved software  or applications can be applied through technical controls like a Mobile Device Manager or through written policies where lists are provided to staff of what is and isnt allowed to be added. A list of approved software can be created in the security settings and software not listed, especially malware, cannot be added to your device. You can adjust this list as your needs change. Certain operating systems have options to allow software only from reputable sources, like the official Apple Store and identified developers only. 

Automatic deny lists can be used to block users from using passwords that are on a pre-configured list of common passwords that have been breached. Organisations can create a deny list from a file of the 100,000 most commonly breached passwords compiled by the NCSC. Automatic deny lists are also used to block browsers from visiting specific web sites or to help prevent spam and malicious email by blocking unwanted email from specified email addresses or entire domains. 

Autorun or autoplay is a feature that allows software to automatically open by itself when a USB or DVD is plugged into your device. 

It is important to disable autorun or autoplay on all operating systems and web browsers in order to avoid automatic installations of unauthorised software. When autorun or autoplay is disabled, the user is prompted to give permission every time before software is allowed to run or play. 

Biometric authentication is a method of verifying a user’s identity using something of ‘who they are’. Physical identifiers can be fingerprints, facial features, iris or retina patterns and voice. Behavioural identifiers can be gait analysis, handwriting analysis or typing patterns (how strongly a user depresses keys on their keyboard). 

This is a list of internet addresses, protocols or applications that you, or the software that you use, know are sending people malicious or unwanted content. The list can be added to certain types of software, which receive communication from people we don’t know, to block unwanted content from being passed on, opened or installed. These lists may be used to filter email, to filter communications coming into a company network, to block browsers from visiting specific web sites or even to allow a mobile phone user to block certain apps from downloading . 

For the purposes of Cyber Essentials, the boundary of scope is the firewalls and routers which are creating the first line of defence between your networks and devices and the internet. The control requirements in section 1 -Firewalls would need to be applied to these firewalls and routers. 

Brute force attacks use computers to target a login page where they try many different combinations of characters until the correct combination is found to crack the password. Depending on the length and complexity of the password and the processing power of the hacker’s computer, cracking it can take anywhere from a few seconds to many years. 

Using a long and complicated password is a good way to protect your data from a brute-force attack. 

Bring Your Own Device (BYOD) is a widespread term for when a company allows employees to use their own laptops, tablets or phones for work purposes. 

A series of on demand, remote access, subscription IT services that are delivered to companies and customers over the internet. The subscription can be paid or free. For the purposes of Cyber Essentials, a cloud service will also provide control over access and the ability to carry out administrative duties such as creating, changing or deleting accounts. 

We consider three types of cloud service: 

Commodity is a term used to describe common, low skill, low sophistication cyber attacks that rely on tools which are widely available on the internet, eg a phishing attack. 

In the context of cyber security, controls are safeguards or measures to mitigate security risks. eg configuring a firewall, installing anti-malware software. 

A corporate VPN is a virtual private network that connects back to your office location, or to a virtual or cloud firewall. You must administer the VPN so you can apply the firewall controls. 

The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR). Strict laws determine how you store people’s contact details and personal information. 

the cloud provider delivers virtual servers and network equipment that, much like physical equipment, your organisation configures and manages. Examples of IaaS include Rackspace, Google Compute Engine, or Amazon EC2.

The cloud provider delivers and manages the underlying infrastructure, and your organisation provides and manages the applications. Examples of PaaS include Azure Web Apps and Amazon Web Services Lambda.

The cloud provider delivers applications, and your organisation then configures the services. You must still make sure that the service is configured securely. Examples of SaaS include Microsoft 365, Dropbox and Gmail. 

Applications are types of software that provide specific functions. A cloud application simply refers to any software application that is delivered by a remote server and accessed over the internet rather than being hosted on a local machine.