Introduction
Cyber Essentials Plus (Level Two) is a technical audit that demonstrates protections are in place to guard against the most common forms of cyberattacks. Here, we focus on account separation checks, explaining why these tests are carried out, the benefits, what to expect, and how we help.
Aim of Account Separation Testing
- To ensure desktop and cloud services have separate accounts for administrative purposes (like configuration changes) and day-to-day activity (like web browsing and email access)
- This is similar to checking whether a sledgehammer is being used to crack a nut
- Threat actors have many different ways to gain unauthorised access to systems, and if accounts are compromised, they can cause harm, disruption, and damage
- Accounts can be set up with different levels of permissions, with the highest level typically associated with an administrator
Benefits of Account Separation
- Reduced risk and impact – if an account is compromised, the attacker has limited access to data and systems
- Appropriate security posture – providing access and data on a ‘need to know’ basis
- Improved incident response – may be easier to identify compromised accounts
- Reduced attack surface – fewer accounts with high-level access can decrease the potential targets for attackers
What to Expect
- Checks that user accounts are separate from administrator-level accounts
- Checks applied to local user account and services such as Microsoft 365
How We Help
At RB Consultancy Ltd, we support organisations looking to implement controls and/or certify to Cyber Essentials and Cyber Essentials Plus requirements:
- NCSC Cyber Advisor certified – we’re proven to help organisations understand and implement technical controls
- Vulnerability Assessment Plus certified – we have skills and tools to identify weaknesses, risk rank findings to support prioritisation, and provide remediation advice to enable swift action to be taken
- IASME Cyber Essentials Plus Assessor certified – we’ve been tested to assess organisations against the requirements and provide advice on how to apply fixes
- Cyber Essentials Plus Certification Body certified – we’re trusted to issue certificates to organisations who have met the required standards
Conclusion
- Cyber Essentials Plus provides extra assurance that technical controls are in place to prevent common internet-based attacks
- Account separation can reduce risk, impact, and attack surface
- Checks help ensure administrator-level accounts are not being used day to day
- Testing can highlight weaknesses that might otherwise go unnoticed
- We offer support and guidance through the whole process
- We’re certified to provide assessment, advice, and certification services
If you would like assistance with the Cyber Essentials / Cyber Essentials Plus certification, please contact us for support.
