The Essential Eight Maturity Model is a set of strategies devised by the Australian Cyber Security Centre (ACSC). Its purpose is to help businesses protect themselves from the threat of cyberattack. The strategies are designed specifically for Windows-based operating systems connected to the internet, and there are three maturity levels you can choose to implement for each strategy.
There is no single strategy that can entirely mitigate the risk of cyber or internal threats to your systems, so the ACSC created a baseline that makes it much harder for outsiders to breach your systems.
It is essential to plan implementation and to take a risk-based approach to determine what works best for your business.
We are posting a series of articles detailing the Essential Eight strategies to give you insight into how to better protect your business.
1. Application control
Also known as whitelisting, application control allows you to select the scripts, executables, installers and software libraries you trust. Nothing else is allowed to run. It also prevents the installation and running of applications you do not authorise.
See "Implementing application control is essential" for more information.
2. Patch applications
Underestimating the importance of patching your apps means leaving your organisation vulnerable to cyberattacks and the resulting consequences. A good patch management strategy saves you time, money and your reputation. Implementing patches efficiently and soon after their release will ensure your organisation remains secure.
See "Patch up application vulnerabilities" for more information.
3. Configure Microsoft Office macro settings
Macros can contain harmful code. When someone opens a document containing a macro virus, the virus can spread to other documents. This can corrupt important business data while the infection moves laterally through your network to other users.
See "Configure Microsoft Office macro settings for better security" for more information.
4. User application hardening
By hardening your applications, you reduce the risk of cyber threats. Hardening eliminates vulnerabilities and increases the layers of security to protect your business. The purpose of hardening is to stop unauthorised access to internal systems through the app.
See "Do your user’s applications need hardening?" for more information.
5. Restrict administrative privileges
Administrative privileges are the “keys to the kingdom”, so to speak. When staff have administrative privileges, they have the power to change anything, whether intentionally or by accident. By restricting administrative privileges, you minimise the potential for an attack and make those privileges easier to track and manage.
See "Restrict administrative privileges to those who need them" for more information.
6. Patch operating systems
Patching operating systems and firmware is similar to patching applications. This is vital for protecting your data. When operating systems become outdated, they expose your business to a high risk of security breaches.
See "Patch operating systems for better security" for more information.
7. Multifactor authentication
Passwords alone are not enough to mitigate the risks to your online security. Multifactor authentication of a user’s identity is a crucial layer of added protection. If you are not using it, its absence is a weak spot in your security architecture.
See "Multifactor authentication is crucial" for more information.
8. Regular backups
Regularly backing up your systems is cybersecurity 101. It is vital, yet too many businesses still fail to back up even their important information on a regular basis. Keeping your data secure is all about its integrity, availability and confidentiality. A cyber security breach can maliciously corrupt and steal your data.
See "Protect your business with regular backups" for more information.
The Rightsize technical team takes the time to understand the risks to your business and works with you to design an effective solution to defend against probable events.
Contact us now for a free consultation to find out more about the Essential Eight and its implementation to protect your business. Rightsize Technology is your IT department as a service. Our solutions protect you online.