Common mistakes are a large reason why Cyber Essentials certifications end up being failed. Here we list the most common ones and how to avoid them!
1) Not listing the version numbers or make.
This clearly covers devices, mobiles, servers, firewalls. But it also applies to Office 365 and other desktop applications (it is alarming how many have out of date desktop versions). We also appreciate you listing the versions number NOT the build number. Finally it applies to internet browsers. Which leads us perfectly into...
2) Browsers not up to date.
Yes, browser updates seem to be coming thick and fast and staying on top of them is tricky but it is essential. Out of date browsers is the second most popular reason to automatically fail an assessment. The first one would be...
3) Unsupported operating systems.
We live in a world where Microsoft is not the only operating system. Various flavours of Linux, Mac and then all the mobile operating systems need tracking. We us this handy tool to help us double check in conjunction with the CE Knowledge Hub. Many of you have Win 10 22H2 devices but these need upgrading in the next 18 months. Win 11 22H2 is finishing October. If you don’t you need to start having conversations about upgrades as early as possible.
4) Unsupported Equipment.
This is often on mobiles (remember BYOD is in scope) but is also increasingly on routers and firewalls. For example Draytek is often used in small office environments but due to Drayteks change to end of life many applications are now failing. Other devices are also failing as they are no longer supported. For example MS Surface Pro 7 is now end of life.
5) Firewall Services.
If you have homeworkers and a bunch of on prep servers, even if you dont declare it, IASME will assume you’re using a VPN. If you’re using a VPN (and for mobile workers this should be defacto for access to cloud services and company assets, especially if using public or home networks in my opinion) then the answer to this question is YES. Not no.
Failing a result significantly may embarass as well as taking up further time and money. If you want us to go over anything relating to your Cyber Essentials or Cyber Essentials Plus certifications, please feel free to get in touch.