The Essential Eight migration strategies are essential for companies and individuals to implement as a baseline for cyber security. The baseline is outlined by the Australian Signals Directorate (ASD). The ASD provides information security products for the Australian Government, and the Australian Defence Force. It also helps Australian organisations and individuals to be better informed about cyber threats.
As an Information Technology Consultancy and Helpdesk provider, MTC is responsible for applying the Essential Eight Strategies to it’s clients, group of colleagues, and friends to help prevent accidental or illegal access, corruption, theft and damage.
We believe the Australian Government will make it compulsory for organisations to be Essential Eight certified / qualified by 2026, and that all organisations and individuals should be following the security baseline already.
Patch apps
When a vulnerability is found in an application (Chrome, Firefox, Office 365), bad actors (hackers) can exploit the vulnerability to gain illegal access to your system. Patching (updating the application) stops this from happening
Patch operating systems
Hackers can access your system if Windows is not up-to-date. An example of this is Microsoft recently issued a fix for a critical vulnerability affecting Windows 11 and 10 users via its June 11, 2024 security update. The flaw allows hackers to access and compromise systems as long as they are connected to the same public Wi-fi network
Multi factor authentication
Your authentication App on your phone should have at least 20-30 2FA’s on it by now for all of your sensitive logons. If you are still same password’ing and not 2FA this is irresponsible and could lead to financial loss.
Restrict Admin Privileges
Don’t make just any-one an account admin or super-admin. Least administrative privileges possible.
App Control
Identify approved applications for your staff. Teach them to “read the screen” and not just click Next Next Next
Restrict
Office 365 Macros. Make sure Excel blocks files that contain VBA Macros
User
Application hardening. Make sure Java is uninstalled, and web-browsers do not have pop-ups. Users should not be able to change browser security settings
Recovery testing
We all backup our data (do we though?) But do we test the backups. Test recovering a critical file.