October 2, 2018

Our PowerShell toolkit for Cyber Essentials

Ben Hooper

Backstory

Back in August 2018, one of our partners commissioned us to create a PowerShell script that they could use to automatically and selectively revoke local administrative permissions to get IT systems compliant with the relevant parts of Cyber Essentials when those systems don’t have Active Directory Domain Services (AD DS) but do have Remote Monitoring and Management (RMM). A few days later, we had completed writing and testing the script and handed it over to the partner who were very happy with it.

This made us realise that IT departments would probably have a lot of use for a PowerShell toolkit that could automatically implement components of Cyber Essentials’ technical controls (see here and here) and/or cyber security basics in general. After all, they’d otherwise have to do so manually which takes quite a bit of time, especially for Managed Service Providers (MSPs) who would have to do so for multiple clients and who rarely have the spare time to invest in things like this.

So, we decided to: