What are the ACSC Essential 8?
The ACSC Essential 8, (expanded version of ASD Top 4) is a list of essential eight mitigation strategies for businesses and large organisations to prevent cyber security incidents. The Australian Signals Directorate (ASD), in agreement with the Australian Cyber Security Centre (ACSC) has developed the Essential 8 strategies to improve security controls, protect organisations’ computing resources and systems and keep data secure against cyber security threats.
Guide to ACSC Essential 8 Compliance
While mandatory for government agencies to an advanced maturity level 3, organisations in the private sector are increasingly looking to the ACSC Essential 8 as best practices to secure their environments and mitigate cyber security incidents. Among the most effective security measures available, implementing whitelisting, patching and restricting administrative privileges will help protect your organisation from 85% of the intrusion techniques to which the ACSC responds. Mitigate risk, reduce threat vectors, and improve remediation and recovery.
TAKE THE COMPLETE TEST BY CLICKING THE BUTTON BELOW.
You can find out if you comply with the ACSC Essential 8 by completing the test below. Should you end up failing any sections, CSW-IT can help you achieve compliance in collaboration with Ivanti.
OR ALTERNATIVELY TAKE ANY SINGULAR TEST BY CLICKING THE RELEVANT BUTTON BELOW.
Limit admin privileges without limiting productivity. Easily define who can use specific consoles, applications, and commands for servers. Allow only trusted sources and known authorised software to run and protect against ransomware & malware.
Minimising Admin Privileges
Implement a least privilege model to protect and limit lateral movement. Remove full admin rights to servers and define who can use specific devices and applications.
Patching Operating Systems
Simplify and Automate Patch Management for Physical and Virtual Servers in the Data Center. Keep desktop and server, Windows and Linux platforms up to date.
Easily patch third-party apps from the config manager and Intune consoles with no additional infrastructure or training. Automate updates and deploy patches to 3rd party applications which account for 86% of vulnerabilities.
Control how applications are configured and interact with the system and user environment.
Secure use of macros and what they can do.
Multi Factor Authentication
Enable passwordless authentication by using mobile devices as the user ID for authentication. Implement a Zero Sign on experience to remove passwords.
If you work in IT, you will know that a good back-up system is invaluable; and has probably rescued you from some sticky situations in the past.