date27 February 2024

Touchstar awarded ‘Cyber Essentials Plus’ certification

In February 2024, a team of external assessors conducted a thorough review of multiple IT processes and controls with the objective of evaluating the robustness of Touchstar’s protection against cyber attack. We are pleased to announce that as a result of the assessment Touchstar was awarded ‘Cyber Essentials Plus’ status.

What is Cyber Essentials?

Cyber Essentials is an effective, Government backed scheme that will helps protect organisations, whatever their size, against a whole range of the most common cyber attacks. Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked.

The Cyber Essentials process is designed to prevent these attacks. There are two levels of certification:

Cyber Essentials

A self-assessment option gives companies protection against a wide variety of the most common cyber attacks. This is important because vulnerability to basic attacks can mark organisations out as target for more in-depth unwanted attention from cyber criminals and others. Certification gives peace of mind that company defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.

Cyber Essentials shows organisations how to address those basics and prevent the most common attacks. However, as an organisation itself rooted in IT development, Touchstar felt compelled to comply with the more rigorous approach of the ‘Plus’ classification.

Cyber Essentials Plus

Cyber Essentials Plus still has the Cyber Essentials trademark simplicity of approach, and the protections needed to put in place are the same, but for Cyber Essentials Plus a hands-on external technical verification is carried out.

Scope

The requirements of the Cyber Essentials Plus certification are organised under five technical controls:

1. Firewalls

2. Secure configuration

3. Security update management

4. User access control

5. Malware protection

Further details on the Cyber Essentials & Cyber Essentials Plus certifications can be found at About Cyber Essentials- NCSC.GOV.UK .