In the digital world, it seems like threats to your organisation’s data come from everywhere, and it’s only a matter of time before cybercriminals hit your bottom line and damage your reputation with a security breach.
Yes, it feels like a warzone out there, but there’s plenty you can do beyond crossing your fingers and hoping. At Synergy, we work with a set of Government guidelines created by the Australian Cyber Security Centre (ACSC) to help organisations plan for and survive common attacks. There’s a three-point objective:
- Prevent Cyberattacks
- Limit the Impact of Cyberattacks
- Data Recovery
The framework of strategies to hit the objectives is known as the Essential Eight. As you can imagine, this framework is constantly changing and regularly updated by the ACSC.
When our team begins working with a client, we use Essential Eight to create a security plan for the organisation or business. Ultimately, we’re looking for the best way to deliver security. It’s not a cook-cutter approach, and every company has a unique plan.
Recently, ACSC released the Essential Eight Maturity Model, which talks to businesses of different sizes and maturity and recommends the security measures they should have in place.
Maturity levels have been defined for each mitigation strategy, which is briefly explained here, along with the type of threats they might expect:
- Level Zero – There are significant weaknesses in an organisation’s overall cyber security.
- Level One – Partly aligned with the intent of the mitigation strategy. Adversaries tend to leverage commodity tradecraft to gain access and control systems.
- Level Two – Mostly aligned with the intent of the mitigation strategy. Adversaries will likely bypass security controls and actively target credentials using phishing and circumventing weak multi-factor authentication.
- Level Three – Fully aligned with the intent of the mitigation strategy. Adversaries may be more focused on particular targets and able to invest some effort into circumventing all security measures.
An organisation should reach Maturity Level Three for each mitigation strategy in an ideal world. However, it makes sense that a start-up that opened its doors yesterday doesn’t need to tick the same boxes as a large, established financial services firm with complex IT and highly-sensitive data.
To get you thinking about where your organisation’s security sits, you’ll find the components of the Essential Eight below with brief explanations. While an eight-point plan might seem overwhelming, you may not need everything in place all at once.
Our team is more than happy to talk you through a structured plan to get you to the right level of security within your maturity level and budget.
1. Application control
Here we’re talking about ensuring that trusted applications are allowed and malicious applications are blocked based on your hardware and software configuration. The strategy, of course, is to prohibit malicious software from running on the network.
2. Patch applications
No software remains impenetrable forever, so patch management makes sure Microsoft applications (for example) are regularly scanned for threats and vulnerabilities to keep your data safe. Think of it like finding a hole in a tyre. Patch the hole and you’re good to go. Ignore the problem; the tyre goes flat and the entire car is undrivable.
3. Configure Microsoft Office macro settings
Macros are increasingly a source of exploitation, so the strategy here is configuring your Microsoft Office macros settings based on the origin, trust, and users of macros.
4. User application hardening
Application hardening blocks unnecessary services (like Flash, Java, or web advertisements) that potentially carry threats to your systems. The delicate balance is ensuring blocking doesn’t affect the normal workflow of a business.
5. Restrict administrative privileges
Ensuring each team member has access to the areas they need to access and nothing more. Think about the newbie who might have access to sensitive data at the stroke of a key.
6. Patch operating systems
We’ve patched up our applications (number 2), but this is where we make sure that the operating system’s security is up to date and firing on all cylinders. This would include operating systems that run on many devices besides servers, desktops, and laptops.
7. Multi-factor authentication
MFA adds extra assurance to access and identity management by using identification systems such as apps, SMS codes, etc. MFA is not very user-friendly but very effective.
8. Regular backups
Security 101, but backups are often overlooked or done poorly. Backing up your data regularly preserves critical business information. It forms the backbone of a robust disaster and recovery strategy to get a business up and running with the least amount of financial and reputational damage.
If you’d like to know more about securing your business, please contact the Synergy IT team.