Please enable JavaScript.

Coggle requires JavaScript to display documents.

Cyber Essentials Framework (by Chani Simms) - Coggle Diagram

- - - - Change default admin password
      - Prevent access to admin interface from internet (Don't let your MSP managing your firewall directly over the internet)
      - Block all inbound connections by default and configure rules to selectively allow approved services
      - Disable unnecessary or no longer used firewall rules
      - Always use software firewalls on devices
      - Inbound firewall rules have approved & documented business case
    - - Have documented user account creation and approval process
      - Authenticate users
      - Remove or disable unused accounts
      - Implement Multi factor authentication
      - Use separate accounts to perform admin only activities
      - Admin account review process
      - Use non admin standard user accounts for day-to day work
    - - Software is licensed and supported
      - Unsupported software is removed / segregated
      - Enable automatic updates where possible
      - Apply critical and high vulnerability updates within 14 days
    - - Remove and disable unnecessary user accounts
      - Change any default or guessable passwords (min12)
      - Remove & disable unnecessary software
      - Disable auto run feature
      - Ensure authentication of users before allowing access to business data (having a unique username and password for non-repudiation)
      - Ensure appropriate device locking (min 6 character PIN)
      - Enable two-factor/ MFA (Multifactor Factor Authentication)
    - - Anti malware software use
      - Application allow listing
      - Application sandboxing