Introduction
Cyber Essentials Plus (Level Two) is a technical audit that demonstrates protections are in place to guard against the most common forms of cyberattacks. Here, we focus on account separation checks, explaining why these tests are carried out, the benefits, what to expect, and how we help.
Aim of Account Separation Testing
- To ensure desktop and cloud services have separate accounts for administrative purposes (like configuration changes) and day-to-day activity (like web browsing and email access)
- In effect, the test checks whether a sledgehammer is being used to crack a nut: whether highly privileged accounts are being used for routine tasks that do not need them
- Threat actors have many different ways to gain unauthorised access to systems, and if accounts are compromised, they can cause harm, disruption, and damage
- Accounts can be set up with different levels of permissions, with the highest level typically associated with an administrator
Benefits of Account Separation
- Reduced risk and impact – if an account is compromised, the attacker has limited access to data and systems
- Appropriate security posture – providing access and data on a ‘need to know’ basis
- Improved incident response – may be easier to identify compromised accounts
- Reduced attack surface – fewer accounts with high-level access can decrease the potential targets for attackers
What to Expect
- Checks that user accounts are separate from administrator-level accounts
- Checks are applied to local user accounts and to cloud services such as Microsoft 365
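As an added example (not from the original post), the following PowerShell script performs the local-account half of this check on a Windows endpoint: it lists members of the local Administrators group that are not on an approved list of dedicated admin accounts, and reports whether the account running the session is itself a local administrator. It assumes the built-in Microsoft.PowerShell.LocalAccounts module (Windows 10/11, Server 2016 and later); the approved-admin list is a constructed placeholder to replace with your own designated admin accounts.

```powershell
# Added example (not part of the original post). Requires the built-in
# Microsoft.PowerShell.LocalAccounts module. Run from the day-to-day account
# you want to test; no elevation is needed to read group membership.

# Constructed placeholder: accounts that are *meant* to hold local admin rights.
$ApprovedAdmins = @(
    "$env:COMPUTERNAME\Administrator",   # built-in local admin (normally disabled)
    'CORP\helpdesk-admin'                # hypothetical dedicated admin account
)

function Test-LocalAccountSeparation {
    param([string[]]$Approved = $ApprovedAdmins)

    # Every direct member of the local Administrators group (users and groups).
    $members = Get-LocalGroupMember -Group 'Administrators'

    foreach ($m in $members) {
        if ($Approved -notcontains $m.Name) {
            [pscustomobject]@{
                Account = $m.Name
                Type    = $m.ObjectClass      # User or Group
                Source  = $m.PrincipalSource  # Local, ActiveDirectory, AzureAD, ...
                Issue   = 'In local Administrators but not an approved admin account'
            }
        }
    }
}

function Test-CurrentAccountIsLocalAdmin {
    # Compare the current session's account against direct Administrators members.
    # Caveat: membership granted via a nested domain/Entra group is not detected
    # here; on domain-joined devices also review those groups' members.
    $current = "$env:USERDOMAIN\$env:USERNAME"
    $admins  = (Get-LocalGroupMember -Group 'Administrators').Name
    return [bool]($admins -contains $current)
}

$findings = Test-LocalAccountSeparation
if ($findings) { $findings | Format-Table -AutoSize }
else           { 'No unapproved members of the local Administrators group.' }

if (Test-CurrentAccountIsLocalAdmin) {
    Write-Warning "Session account $env:USERNAME is a local administrator; day-to-day work should use a standard account."
} else {
    "Session account $env:USERNAME is a standard (non-admin) account."
}
```

Any account reported by the first function that is used for email or browsing is the kind of finding the Cyber Essentials Plus test would raise, so the fix is a separate standard account for daily use and an admin account used only for configuration changes.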
How We Help
At RB Consultancy Ltd, we support organisations looking to implement controls and/or certify to Cyber Essentials and Cyber Essentials Plus requirements:
- NCSC Cyber Advisor certified – we’re proven to help organisations understand and implement technical controls
- Vulnerability Assessment Plus certified – we have skills and tools to identify weaknesses, risk rank findings to support prioritisation, and provide remediation advice to enable swift action to be taken
- IASME Cyber Essentials Plus Assessor certified – we’ve been tested to assess organisations against the requirements and provide advice on how to apply fixes
- Cyber Essentials Plus Certification Body certified – we’re trusted to issue certificates to organisations that have met the required standards
Conclusion – Account Separation for Cyber Essentials Plus
Cyber Essentials Plus provides extra assurance that technical controls are in place to prevent common internet-based attacks. Account separation can reduce risk, impact, and attack surface. Cyber Essentials Plus tests can help ensure administrator-level accounts are not being used day to day – with testing also highlighting weaknesses that might otherwise go unnoticed. RB Consultancy Ltd offers support and guidance through the whole process – we’re certified to provide assessment, advice, and certification services. If you would like assistance with Cyber Essentials or Cyber Essentials Plus certification, please contact us for support.
Written by Remo Belisari, Managing Director of RB Consultancy Ltd, an experienced cyber security professional and cyber advisor. Remo holds certifications relating to CISSP, ISSAP, ISO 27001, Cyber Essentials, and IASME Cyber Assurance, and has many years’ experience in IT and cyber security. Remo has a history of supporting organisations from all over the world – including a Fortune 500 company in the USA and over 100 organisations across the UK. The views expressed in this blog are those of the author and do not necessarily reflect the views of RB Consultancy Ltd, its clients, partners, or affiliated organisations. The content is intended for general information only.