Servers and Cyber Essentials explained


Just about every business uses a server, but most of us only have a fuzzy idea of what they actually do. And it’s easy to assume that it’s too technical or complex for us non-techy types to understand. 

In reality, servers are pretty simple, and, they’re a key part of your IT infrastructure as well as having a role to play in Cyber Essentials certification. 

Here’s everything you need to know. 

What is a server? 

When most of us think of servers, we think of huge, thousand-acre data centres like this. However, most businesses have a server and they’re often of a much more modest scale. 

Any computer using the right software can be a server. Essentially, all a server does is collect and distribute information across a network. The network could be local, say within your office, or a wider network across many locations, like the internet.

For more on the different types of networks and how they work, check out our recent blog on the subject. 

How does a server work? 

Whether it’s searching Google or pulling up a file at work, you probably access servers thousands of times each day.

Taking the internet as an example, the process works something like this: 

  1. You enter a URL into your web browser
  2. The browser requests the data for the site you’ve asked it to display
  3. This information is sent to the server
  4. The web server finds all the data needed to display the site and sends it back
  5. The site you’ve requested appears on your browser

And that’s it. The whole process shouldn’t take more than a few seconds, depending on your internet speed. 

What is a virtual server? 

Servers are simple enough. But, things get a little more complicated when it comes to virtual servers. So, here’s the simplest explanation we could come up with.

A virtual server is a server that shares its resources amongst multiple users, each of whom has some control over it. It’s usually located offsite from the organisation using it, typically in a data centre. 

Think of it as a way of splitting a single, physical server into several smaller virtual servers, each of which can run its own operating system. The key advantage of this approach is cost saving. 

A virtual server is usually much more energy-efficient to run than a dedicated physical server and doesn’t require any upkeep by the businesses using it. And, you only pay for the server capacity your business actually uses – far more cost-effective than running an entire server and only using a fraction of its capability.

Servers and Cyber Essentials 

The Cyber Essentials certification questionnaire has several sections relating to servers, but what is it you need to do?

First, all servers whether virtual or physical need to be supported by the manufacturer. For example, Windows Server 2008 isn’t Cyber Essentials compliant because Microsoft stopped supporting it some time ago. This means its defences won’t have been updated to deal with new threats, making it vulnerable to attack. For more detail on the importance of updates, have a read of this.

For Cyber Essentials Plus, your servers only need to be tested by an auditor if they ‘touch’ the internet and a non-admin user can use it to browse. If you’re unsure of the difference between admin and non-admin users, never fear, we’ve put together a handy blog to help.

For both Cyber Essentials and Cyber Essentials Plus, you’ll also need to answer questions on who has access to your servers, the protections you have in place, and the software installed on your servers.

And that’s all there is to know about servers; a complex technology with a very simple job. Hopefully this blog has armed you with all the knowledge you need, but if you have any questions please get in touch, our team are always happy to help.

Looking to improve your cybersecurity but not sure where to begin? Start by getting certified in Cyber Essentials, the UK government scheme that covers all the fundamentals of cyber hygiene.

CTA button