Request Demo
Platform CapabilitiesPolicy Creation and ManagementFile Sharing and CollaborationFile Transfer AutomationFully Governed Email DataData Streaming with Next-gen DRMControlled AI Data AccessSecure Data Intake Via Online FormsUse CasesControl Data ExchangeMeet Regulatory RequirementsSafeguard Private AI DataPartnersTechnology PartnersMSP & MSSP PartnersResellers & Channel PartnersResourcesResource CenterDevelopersCustomersCompanyAbout UsManagementInvestorsCareersTechnical SupportNewsroomTrust PageVulnerability CenterContact UsRequest Demo
Mouseover to personalize your Kiteworks website experience

Cyber Essentials Plus

Achieve UK Cyber Essentials Plus certification with verified technical controls that protect your organization against the most common cyber threats and demonstrate security commitment to partners and customers.

How Kiteworks Supports Cyber Essentials Plus Compliance

How Kiteworks Supports Cyber Essentials Plus Compliance

Cyber Essentials Plus is a UK government-backed cybersecurity certification scheme that requires organizations to demonstrate they have implemented five critical security controls through independent technical verification. Unlike the basic Cyber Essentials self-assessment, the Plus certification involves hands-on testing by an accredited assessor. Kiteworks provides the technical infrastructure and controls necessary to meet these stringent requirements across all five control areas.

The Five Security Controls and Kiteworks' Approach

Cyber Essentials Plus focuses on five fundamental technical controls that defend against the most common cyber threats. Kiteworks' Private Content Network addresses each of these controls comprehensively, ensuring organizations can pass the rigorous technical verification process.

Firewalls and Internet Gateways

Kiteworks deploys a hardened virtual appliance with built-in network firewalls, web application firewalls (WAF), and intrusion detection systems. The platform enforces strict boundary protections between internal networks and external communications, ensuring all data flows are monitored and controlled at every gateway.

  • Built-in WAF Protection: Kiteworks includes embedded web application firewall capabilities that filter and monitor HTTP traffic

  • Network Segmentation: The platform architecture enforces separation between different network zones

  • Intrusion Detection: Continuous monitoring identifies and alerts on suspicious network activity

  • DMZ Architecture: Kiteworks can be deployed in DMZ configurations to protect internal networks from external threats

Secure Configuration

Kiteworks is built on a pre-hardened virtual appliance that eliminates unnecessary services, applies secure defaults, and enforces configuration baselines. The platform undergoes regular security assessments and penetration testing to maintain its secure posture.

  • Hardened Virtual Appliance: Pre-configured with security best practices, removing unnecessary services and ports

  • Automated Updates: Regular security patches and updates are deployed systematically

  • Configuration Management: Centralized controls prevent configuration drift and unauthorized changes

  • Least-Privilege Defaults: All system components run with minimum necessary permissions

User Access Control

Kiteworks provides granular role-based access controls (RBAC) with multi-factor authentication (MFA) support. The platform integrates with enterprise identity providers through SAML 2.0, LDAP, and Active Directory, ensuring consistent access governance.

  • Role-Based Access Controls: Define precise permissions for viewing, editing, sharing, and downloading content

  • Multi-Factor Authentication: Require additional verification factors for all user access

  • SSO Integration: Connect with existing identity providers for centralized authentication

  • Privileged Access Management: Separate administrative access with enhanced controls and monitoring

Malware Protection

Kiteworks integrates with leading anti-malware solutions including ICAP-compatible scanning engines, advanced threat protection (ATP), and content disarm and reconstruction (CDR) technologies. Every file entering the platform is scanned before delivery.

  • Multi-Engine Scanning: Integration with multiple anti-malware engines for comprehensive threat detection

  • ATP Integration: Advanced threat protection catches zero-day threats and sophisticated malware

  • CDR Technology: Content disarm and reconstruction neutralizes embedded threats in documents

  • Quarantine Controls: Suspicious files are automatically quarantined for review before delivery

Security Update Management

Kiteworks maintains a systematic approach to security patching and vulnerability management. The platform provides regular updates through a controlled deployment process, ensuring critical patches are applied promptly without disrupting business operations.

  • Automated Patch Management: Regular security updates are deployed through controlled processes

  • Vulnerability Assessment: Continuous scanning identifies and prioritizes security vulnerabilities

  • Change Management: All updates follow documented change control procedures

  • Rollback Capabilities: Failed updates can be reversed quickly to maintain system availability

Comprehensive Audit Trail

Kiteworks provides immutable audit logs tracking every user action, file movement, and system event. The CISO Dashboard delivers real-time visibility into security posture, enabling organizations to demonstrate ongoing compliance during Cyber Essentials Plus assessments and produce evidence for the technical verification process.

Why Choose Kiteworks for Cyber Essentials Plus

Kiteworks simplifies Cyber Essentials Plus certification by providing a unified platform that addresses all five security controls. The single-tenant architecture, enterprise-grade encryption, and comprehensive monitoring capabilities give organizations confidence that they can pass the technical verification assessment while maintaining robust security for their sensitive data exchange.