How do you like them cyber apples?

On first glance, it’s easy to think of the HMG Cyber Essentials scheme as being a very low bar as far as security standards go. After all, it only contains a scant five requirements, which consist of:

1. Boundary firewalls and internet gateways
2. Secure configuration
3. Access control
4. Malware protection
5. Patch management

Which on the face of it, is actually pretty straightforward. However, a forthcoming HMG revision to the requirements scope may redraw your organisational landscape dramatically.The particular line reads:

“Remote devices with access to internal services are in scope, regardless of whether or not they are owned by the organisation.”

Which has the effect of making Cyber Essentials apply to all your home workers, and by inclusion, their personal phones and PCs that they use to access the office systems.

Clean-up, aisle five... ;)