What is Essential Eight, and how does it protect my business?
Essential Eight is a baseline security strategy recommended by the Australian Signals Directorate (ASD) to protect businesses against cyber threats. It is composed of eight strategies:
- Application Control: prevents malicious programs from running automatically by having a set of pre-approved apps.
- Patch Applications: helps mitigate vulnerabilities in apps that need patching.
- Patch Operating System: allows you to mitigate vulnerabilities in operating systems that need patching.
- Restriction of Administrative Privileges: review admin privileges on specific IT systems and provide necessary permissions only for those who need them.
- Configure Microsoft Office Macros: review Office macros and current policies to prevent untrusted macros with malware from automatically running.
- User Application Hardening: ensure that unauthorised applications such as Adobe Flash Player or Java applets will not be utilised in browsers that have been known to deliver malware.
- Multi-Factor Authentication (MFA): use a second factor such as a physical token or mobile device to authenticate user access.
- Review Backups: ensure regular backups of data so you can get it back in case you suffer a cyber-attack.
When implemented correctly, these eight strategies can greatly help defend against common cyber threats. This video explains further what the Essential Eight is, why it's important, and its maturity levels.