The Essential Eight Cyber Security Maturity Model from the Australian Government Cyber Security Centre is a collection of 8 strategies designed to prevent cyber or limit the impact of cyber-attacks and retain data recovery and system availability.
All businesses are encouraged by the AGCSC to use the Essential 8 because it significantly reduces the likelihood of getting hacked. Additionally, unlike many other security measures-it is cost-efficient and easy to set up.
For organisations engaged in government contracts, or those who receive government funding, compliance with the Essential 8 is mandatory.
WHAT: Preventing all non-approved applications from running on managed devices.
WHY: Enabling Application Control prevents users of malicious actors from running potentially harmful or inappropriate applications on managed devices.
HOW: Application Control is available via most anti-virus programs including Sophos Advanced Intercept X. Microsoft Intune also offers Application Control for customers with Business Premium or E5 licensing.
WHAT: Updating security vulnerabilities in applications within 2 weeks of a regular update or 48 hours if an exploit exists.
WHY: Keeping your applications up to date prevents malicious actors from exploiting known weaknesses within IT systems.
HOW: Many applications such as Adobe, web browsers and Microsoft Office have regular automated maintenance. Subscribing to update notification emails and rolling out manual updates will help with this.
WHAT: Deploying Microsoft’s recommended Office Macro settings.
WHY: Disabling these settings prevents malicious users from running code through trusted Office programs
HOW: You can manually disable Office Macro settings from the Trust Centre inside any Office app.
WHAT: Disabling advertisements, Flash and Java from an Internet browser. It also prevents Office from running non-required processes.
WHY: Ads, Flash and Java are popular ways to deliver and execute malicious code on systems. Disabling them prevents these sources from being interacted with by users.
HOW: You can manually disable Flash, Java and Office processes from the respective app’s settings and deploy these via registry keys.
WHAT: Restricting Admin privileges to only the required admin staff and services.
WHY: Administrator accounts provide the ‘Keys to the Kingdom’. Adversaries can use these accounts to gain full access to your data and/ or systems.
HOW: Setup ‘User’ accounts on Windows devices for all of your non-admin staff. Limit the number of staff with admin permissions in online environments and most importantly don’t share the passwords for your admin accounts.
WHAT: Keeping your devices operating systems up-to-date.
WHY: Keeping your devices up to date prevents malicious actors from exploiting known weaknesses within your IT systems.
HOW: Windows devices have monthly auto-deployed patches and weekly security updates. Prevent your users from disabling Windows updates and remind them to Restart their devices regularly.
WHAT: Adding an additional verification method to user accounts prevents them from being breached. This typically includes text confirmations and authenticator app codes.
WHY: Adding additional verification requirements prevents malicious actors from accessing accounts as the actor requires access to the additional method of verification.
HOW: System admin staff can enforce user accounts to enrol in MFA for systems such as Microsoft 365 or Google Workspace.
WHAT: Backing up company and user data to a secure cloud-based location.
HOW: Acronis Cyber Cloud Backup provides a Cloud backup service that can be linked to your Microsoft 365 or Google tenant.
Is your business keeping on top of the Essential 8? Need a hand? Get in contact with our team.
IT’S TIME TO UPGRADE YOUR IT PROVIDER. WE WORK WITH BUSINESSES THAT ARE COMMITTED TO RISING TO THE NEXT LEVEL. IS THIS YOU?