Implementing the Essential Eight proactively can be more cost-effective in terms of time, money and effort than having to respond to a successful large-scale cyber security incident.
As businesses and government agencies connect more of their services online and provide these services to the citizens of Australia, it’s important that there is a minimum level of security applied to every single one of these digital assets.
The Australian Signals Directorate (ASD) has again issued a Strategies to Mitigate Cyber Security Incidents guideline – which spells out the minimum 8 key activities organisations need to take to defend against a cyber take-down.
The ASD explains, “While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems. Furthermore, implementing the Essential Eight proactively can be more cost-effective in terms of time, money and effort than having to respond to a successful large-scale cyber security incident.”
The Essential 8 recommendation is that businesses follow a suggested implementation order for each cyber threat. At OBT, for example, we assist organisations in building a strong cyber security posture for their systems, step by step. The ASD recommends that once organisations have implemented their desired mitigation strategies to an initial level, they should focus on increasing the maturity of their implementation such that they eventually reach full alignment with the intent of each mitigation strategy in the following list.
The Essential 8
- Application whitelisting of approved/trusted programs to prevent execution of unapproved/malicious programs
- Patch applications e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
- Configure Microsoft Office macro settings to block macros from the Internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
- User application hardening. Configure web browsers to block Flash (ideally uninstall it), ads and Java on the Internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
- Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
- Patch operating systems. Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don’t use unsupported versions.
- Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.
- Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
Thankfully, you may not need to know the technical ins and outs when you partner with a trusted advisor. As the 2018 Winner of the CRN Impact Award for “Most Trusted Systems in Cyber Security,” OBT has responded quickly to the ASD’s Essential 8 with “Security Anywhere” – a shield of cyber protection for Australian businesses.
With almost 20 years of hosting and consulting experience, OBT’s highly technical team is dedicated to taking the complexity out of IT security so businesses can grow in the cloud.
Our fully-managed Security Anywhere offering is designed to help protect your customers, partners and employees whilst keeping your business operational and compliant. Future-proof your business and focus on what you do best with the expert assistance of Australia’s trusted and innovative IT service provider.
As a first step for businesses looking to implement the Essential 8, we’ve created SECURE365™. This cyber-shield for organisations using or moving to Microsoft O365 makes your business modern, secure, compliant and protected.