Essential 8

The Australian Signals Directorate (ASD) has developed the Essential 8, a set of 8 mitigation strategies designed to help organizations protect themselves against cyber threats.
The 8 mitigation strategies are:
- Patch applications
- Patch operating systems
- Multi-factor authentication
- Restrict administrative privileges
- Application control
- Restrict Microsoft Office macros
- User application hardening
- Regular backups
To assist organizations with the Essential 8, the ASD created the "Essential 8 Maturity Model". Four maturity levels have been created to help organizations identify not only where they currently are but also where they are aiming to be. The four maturity levels are:
- Maturity Level Zero - This level indicates a significant weakness in the cyber security posture of the organization.
- Maturity Level One - This level focuses on defending against attacks that use widely available tools and techniques. Threats at this level are not specific and are more likely to exploit common vulnerabilities.
- Maturity Level Two - This level aims to protect against more specific threats. Attacks at this level are carried out by threat actors willing to spend time and effort to breach security.
- Maturity Level Three - This level is designed to counter highly sophisticated attacks. Threat actors at this level are more than capable of carrying out cyber-attacks.
Although Essential 8 was designed to help organizations, it can also be applied by users at home, no matter what device(s) they use. These include:
- Computers - Laptops, desktops, and servers.
- Phones - iPhones and Android phones.
- Tablets - iPads and Android-based tablets.
- Smart devices (IoT) - Google speakers and Apple Home Hubs.
Whilst you may not need to block macros on a smart speaker, you can review the Essential 8 and apply the strategies that are practical for each device. For example, Google smart speakers are managed via an app called Google Home. When creating the account and adding the Google devices to the app, make sure you limit who can manage the speaker.
For laptops and desktops, make sure you create backup jobs. These can automatically run in the background. They can be configured to back up to an external USB drive. If you accidentally delete a file, you can retrieve it. In the worst-case scenario, if you need to reinstall the operating system and applications, at least your documents, photos, and other important files have been saved.
When it comes to patching operating systems and applications, I like to use ManageEngine's Patch Manager. Although I will explain more in a later post, this application allows me to manage the Windows 10 updates as well as any application updates for my computers.
I also highly encourage you to set up multi-factor authentication whenever possible. I know that a lot of people will say it's not worth it or it's too much trouble, but would you rather take an extra step to log in or try to explain to someone why your bank account was drained?
Implementing these strategies at home won't completely prevent an attack, but it will go a long way toward keeping your data secure and the bad guys at bay.
What are some methods that you use to keep your data safe? I'd love to hear from you!