
Get Accredited with Chess
How can you demonstrate to your customers and your prospects that their financial, personal and company data is safe in your hands? With recent government figures revealing that breaches or attacks have been identified in almost a third of UK businesses in the last year, customer concerns about the security of their data has never been higher.
A UK Government Cyber Essentials accreditation provides reassurance that you are taking proactive steps to combat cybercrime. It gives you a clear indication of how well armed you are against cyber threat — and it’s increasingly a mandatory requirement when tendering for new contracts.
Chess — Your Cybersecurity Partner
Chess CyberSecurity are acknowledged experts in the assessment of threat and vulnerabilities in IT estates. Now, as a Certification Body for the Cyber Essentials scheme, we’re able to offer the same level of expertise to businesses of all sizes and sectors.
CREST AccreditationWe’re certified by CREST, an approved accreditation body under the Cyber Essentials scheme, which demands stringent standards, including:appropriate levels of quality assurance processes, security controls, security assessment methodologies meeting CREST's additional qualification criteria signing of an enforceable Code of Conduct proven access to technical competent and qualified staff.
Cyber Essentials
Around 80% of the most common cyber attacks can be prevented through the implementation of straightforward, affordable measurements that form the Cyber Essentials Scheme. The self assessment process provides a framework for ensuring the five key technical controls are correctly in place. Chess will audit the assessment, provide an external vulnerability scan and can also, if required, provide additional consultancy to drive a successful outcome.
Cyber Essentials PlusBusinesses are required to achieve Cyber Essentials before moving on to Cyber Essentials Plus. Due to the enhanced controls that are required for CE+, additional consultancy can be arranged including a pre-audit gap analysis to enable you to assess and implement any measures identified as key to a successful accreditation process.
Cyber Essentials Plus verification in carried out both on-site and remotely by Chess CyberSecurity specialists.

Secure Your Internet Connection
Creating a buffer between your IT network and other external networks, a firewall protects your internet connection, analysing incoming traffic to identify whether access should be allowed to your network.
Cyber Essential Certification Requirement
A firewall must be configured and used on all devices, particularly those connected to public or untrusted Wi-Fi networks.
Secure Configuration
Default configurations of new software and devices are set to be as easy as possible to connect and use, which creates vulnerabilities if left unchanged. Settings should be checked, disabling and removing unneccessary fucntions and services, while default passwords should be updated before deployment. 2FA (Two-factor authentication) should be used for the most data sensitive accounts.
Cyber Essential Certification Requirement
Only necessary software, accounts and applications are used.
User Access Control
In allowing access to those — and only those — accounts (software, settings, services and functions) that your people need in their specific job role, the risk of potential damage can be minimised.
Cyber Essential Certification Requirement
Access to your data must be controlled through user accounts, with controlled administration level privileges given only to your people who specifically need them.
Malware Protection
Malware — including ransomware and viruses — comes from a range of sources, including infected email attachments or USB memory sticks. Anti-malware measures are included within the most popular operating systems. Malware can be introduced to a network when a rogue application is downloaded, so white listing, giving users the ability to install and run only applications authorised by the administrator, offers good protection. Sandboxing, running an application in an environment with restricted access to the rest of your devices and network, helps keep your data beyond the reach of malware.
Cyber Essential Certification Requirement
At least one approach, anti-malware measures, whitelisting or sandboxing must be implemented.
Keep Your Devices and Software Up To Date
Operating systems and applications become vulnerable if they are not up kept to date. In order for patches, whether new features or fixes to security vulnerabilities, to be applied, your operating systems, programmes, phones and apps should be set to "automatically update" where possible. When no longer supported, systems and applications should be considered for replacement.
Cyber Essential Certification Requirement
Devices, software and apps must be kept up to date.

Resources
Cyber Essentials Knowledge