Cyber Essentials


Cyber Essentials certification for business.

cyber essentials logo

Why is Cyber Essentials Certification important to my business?

Through following the criteria of Cyber Essentials, organisations regardless of size, can have peace of mind that they have in place what is required to be protected from a range of the most common cyber-attacks.

Additionally, accredited organisations can further increase confidence in customers and stakeholders that their information is protected.

Cyber Essentials certification not only offers a clear picture of your organisations cyber security level, it can also help meet some basic requirements for future contract opportunities such as local government or similar sectors.

What does Cyber Essentials assessment include?

Cyber Essentials assessment considers all areas of your organisations IT infrastructure. It is advised that this should include all areas of your existing infrastructure. This will include all devices – such as laptops, tablets and even mobile phones – all network equipment; removable and static storage (servers) solutions; and security application throughout the infrastructure and all related policies and procedures.

Assessment will cover office-based and agile/remote working formats to ensure all areas of work and use of data are considered across the organisation.

How to achieve Cyber Essentials Certification

It is encouraged to look at your organisations IT infrastructure in phases to collate as a whole, regardless of size.


Ensure you have a full itinerary of all the devices owned or used for business purposes. For each device, consider how this maintains security such as anti-virus, firewalls, cloud access, terms of use, access restrictions where applicable. This list is not exhaustive but can be substantial depending on the range of devices and purpose of use.

It may also be advised to include considerations of devices assigned for agile or remote working purposes as this too could aid additional considerations.

Externally managed information storage and application access – Cloud-based systems:

Following the increasing shift to cloud-based technologies, cloud-based services or data hosting systems require additional control considerations. This reflects both to individual users and their access to the associated storage/applications.

This will require differing considerations in terms of data security policies and processes including implementation of firewalls, secure configuration, user access control, malware protection and security update management.

Along with storing data securely, it is also highly recommended having an appropriate data back up solution. Though not a technical requirement of Cyber Essentials, it is recognised as best practice within the industry worldwide.

Policies and procedures:

Alongside having the tools in place to keep data protected, ensuring the organisation is equipped to also support ongoing security is essential.

Through robust policies and procedures, it is demonstrable that all persons and departments within an organisation understand their role and responsibilities to keep safe. Such policies can range of safe device use training, recognising potential threats and what to do in the event of a potential incident, and even day to day safety operation such as password advice and multi-factor authentication applications.

It is worth highlighting that IT security is the responsibility of all members of an organisation. Policies and procedures should reflect this and should be documented.

Further details on Cyber Essentials and to access a simple to follow checklist can be found on the National Cyber Security Centre website.

Information Solutions Services

Premium IT solutions that work for your business

Planning and implementing effective IT Strategy

First class Technical Support from our team of IT Experts

Information Solutions Team

How can Information Solutions help?

Information Solutions can help you to implement some of the essential criteria for Cyber Essentials. Through our overall consultation service, to our partner status with worldwide recognised security tool providers such as Sophos and NinjaRMM, we can ensure your organisation has a secure IT infrastructure future.

For more information on keeping your organisation secure from cyber-attacks, our security service tools and more, get in touch today.

Our Services

Comprehensive IT Managed Services

IT Managed Services

Professional IT Support packages for businesses of all sizes. Providing bespoke IT Support from our IT experts.


Microsoft Office 365

Subscription based IT solutions from Microsoft, providing organisations with enterprise level software and systems.


Cyber & Data Security

Protecting businesses from an ever-increasing threat of online Cyber attacks. Keeping your data safe and secure.


IT Consultancy

Providing strategic advice on the implementation of IT systems and services, whatever the business or sector.


Ready to get started