In our continuous efforts to knock down potential customer blockers to leveraging Microsoft Azure’s expanding offerings available in the UK, I am happy to announce that Azure has attained the UK’s Cyber Essentials PLUS badge and meets the requirements outlined in the Cyber Essentials Scheme Assurance Framework. Cyber Essentials is a UK Government defined scheme designed to help organizations assess and mitigate risks from common cyber security threats in their IT systems. Cyber Essentials requires organizations to have five technical controls in place, including boundary firewalls, secure configuration, user access control, malware protection, and patch management.
The scheme assurance framework has defined two different levels of certification:
- Cyber Essentials is a self-assessment that helps organizations check the most important IT security controls of their IT infrastructure.
- Cyber Essentials PLUS provides the same controls coverage, but with the added assurance that the implementation of these controls is independently tested by an authorized third party.
For Microsoft’s Cyber Essentials PLUS we have focused on the administration of Microsoft Azure’s production environment, ensuring that it meets the requirements outlined in the Cyber Essentials Scheme Assurance Framework. Microsoft Azure Cloud systems are frequently tested and audited to provide evidence for the industry’s leading compliance portfolio.
Go to the Service Trust Preview to review our extensive portfolio of compliance reports, trust documents, and assessments, including those related to this blog – Cyber Essentials PLUS Certificate and Cyber Essentials PLUS Compliance Report. For a comprehensive overview of Azure’s compliance portfolio, download our compliance overview paper.
For more information about United Kingdom Cyber Essentials PLUS please visit https://www.cyberaware.gov.uk/cyberessentials/.