CYBER ESSENTIALS MYTHCONCEPTION 8: New Devices are Under Support

This post in our series on Cyber Essentials "Mythconceptions", tackles the myth:

    "All brand-new mobile devices are under support and compliant."

This is an unfortunate myth that is more about some mobile device manufacturers than it is about Cyber Essentials.

The Cyber Essentials standard says that all devices need to be under active support so that they will receive security updates. Devices that are not under active support are non-compliant. However, some mobile device manufacturers have abandoned support for some of their new devices shortly after they are released. This may be because the device was not as popular as they hoped, or they lost key suppliers to maintain the product line.

The result can be a relatively new device that is non-compliant for being out-of-support. As frustrating and unfortunate as this situation can be, that Cyber Essentials standard does not make an exception for devices that will never get security updates, regardless of the device's age.

Barrier's "Securely Compliant Tip" for Devices Becoming Unsupported

The following tip is offered as inspiration to help you devise a strategy for knowing when a device becomes unsupported in your organisation for compliance and beyond:

• Manufacturers post their support windows and end-of-life dates on the support sections of their site. If you are unsure about a device, you can look it up there. This is how Assessors check the support level of unusual or uncommon devices.

For any questions, contact IASME: https://iasme.co.uk/contact-us for official Cyber Essentials queries,

or Barrier Networks: https://www.barriernetworks.com/contact-us to schedule a Cyber Essentials assessment or help with anything from the Tips.