Fresh Thoughts #1: Trouble Ahead for Cyber Essentials?

    Newsletter
Little girl looking through binoculars

Trouble ahead for Cyber Essentials?

You may have seen that the UK government's Cyber Essentials was overhauled last month.

Two changes stood out.

Great. It makes perfect sense. So, where's the issue?

If you and your team only use enterprise cloud vendors - Adobe, Google, Microsoft, Salesforce - you will essentially be fine (except for 😒... Yammer).

But if your teams are trying out innovative alternatives...

Todo lists on todoist?

Collaboration using Notion?

Jobs on Monster?

and so on...

You may have trouble ahead.

The above and a large swath of mid-tier cloud services haven't quite learnt the value of multi-factor authentication.

So what's the solution?

Three possible scenarios:

  1. From the NCSC's own review of Yammer, we may head into a world of slippery words and narrowly defined exception clauses. "It does support MFA if you just look at it like..."
  2. Innovative features may be off the table until everyone agrees that MFA is the future. Or the features are picked up by the enterprise cloud vendors.
  3. The might of the UK market and wholesale adoption of Cyber Essentials may result in all mid-tier cloud services deciding to implement MFA within the next 11 months.

In any event, Fresh Security will be carefully watching our cloud renewals; and asking questions of the NCSC and cloud services.

February 7, 2022
1 Minutes Read

Fresh Thoughts to Your Inbox

Fresh perspectives on cybersecurity every Tuesday. Real stories, analytical insights, and a slash through buzzwords.

We'll never share your email.

Related Reads

Freshsec Logo

Subscribe to Fresh Thoughts

Our weekly newsletter brings you cybersecurity stories and insights. The insights that help you cut through the bull.

We'll never share your email.

Resources

Fresh Security Support

Your Questions

Blog

Legal Bits

Your Privacy

Our Terms

Cookies