Like it or not, the threat of cyber attacks is constant for businesses of all shapes and sizes. What’s more, there are thousands of different strategies out there to fight back against all kinds of cyber incidents. Yep, it’s a real minefield.
What kinds of cyber security strategies are right for your business?
Lucky for us, the Australian Cyber Security Centre (ACSC) has recommended eight strategies for all Australian businesses to implement in order to protect themselves. This checklist, known as the Essential Eight, makes it much harder for your systems to become compromised and helps protect your data and sensitive information.
Even better, putting these strategies in place proactively is more cost-effective than having to react to a major security breach. Good, right?
Now, let’s break down each of the eight strategies one by one.
1. Application whitelisting
No one wants malware. Fortunately, application whitelisting of approved and trusted programs helps to stop it. How? By preventing the execution of unapproved or malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers. It works because all non-approved applications (including malicious code) are prevented from executing.
2. Patch applications
You should patch applications, e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers within 48 hours of attack to fix vulnerabilities and prevent the spread of malicious code on systems. Be as quick as you can and make sure you use the latest version of applications.
3. Configure Microsoft Office macro settings
By configuring your MS Office macro settings to block macros from the Internet, you can make sure you only allow vetted macros, either in trusted locations with limited write access or digitally signed with a trusted certificate. This way you can keep out unwanted malware.
4. User application hardening
This strategy requires the configuration of web browsers to block Flash (ideally uninstall it), ads and Java. You need to disable unnecessary features in Microsoft Office (e.g. OLE), web browsers and PDF viewers too. This is because Flash, ads and Java are common ways to place malware on unsuspecting computers.
5. Restrict administrative privileges
By restricting the number of operating systems and applications that have admin access, you can greatly reduce your risks. Why? Well, admin accounts hold all the keys, so an attacker only needs to get access to one admin login, and they can do a lot of damage. It’s also sensible to regularly review your admin privileges. If a user doesn’t need it, don’t give it to them.
6. Patch operating systems
Just like patching applications, you need to patch computers (including network devices) with vulnerabilities within 48 hours. Make sure to use the latest operating system version and don’t use unsupported versions.
7. Multi-factor authentication
This strategy always leads to a few moans and groans from staff, but it’s really effective at stopping cyber attacks. It should be included for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access important or sensitive data. The idea is simple – the stronger the user authentication, the harder your system is to breach.
8. Daily backups
By performing daily backups of new or changed data, you can ensure the recovery of information following a cyber security incident. Backups should be retained for at least three months and you should test restoration initially, annually and when any IT infrastructure changes.
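As an added example (not part of the original article or of the ACSC guidance), here is a small Python check of a backup catalogue against the three rules in strategy 8: daily backups, three months of retention, and restoration tests initially, annually and after infrastructure changes. It assumes "three months" means 90 days and "annually" means 365 days; the function names, finding labels and sample dates are constructed for illustration.

```python
from datetime import date, timedelta

RETENTION_DAYS = 90         # assumption: "three months" counted as 90 days
RESTORE_TEST_MAX_AGE = 365  # assumption: "annually" counted as 365 days


def audit_backups(backup_dates, last_restore_test, today, infra_changes=()):
    """Return (control, detail) findings; an empty list means no gaps found."""
    findings = []
    have = set(backup_dates)  # dates on which a backup completed successfully
    window_start = today - timedelta(days=RETENTION_DAYS)
    if not have:
        findings.append(("retention", "no backups in catalogue"))
    else:
        # Retention: the oldest retained backup must reach back three months.
        if min(have) > window_start:
            findings.append(("retention", f"oldest backup {min(have)} is newer than {window_start}"))
        # Daily cadence: every day from the start of the retained window up to
        # yesterday needs a backup (today's job may not have run yet).
        day = max(window_start, min(have))
        missing = []
        while day < today:
            if day not in have:
                missing.append(day)
            day += timedelta(days=1)
        if missing:
            findings.append(("daily", "no backup on " + ", ".join(map(str, missing))))
    # Restoration testing: initially, annually, and after infrastructure changes.
    if last_restore_test is None:
        findings.append(("restore-test", "never performed"))
    else:
        if (today - last_restore_test).days > RESTORE_TEST_MAX_AGE:
            findings.append(("restore-test", f"last test {last_restore_test} is over a year old"))
        untested = [c for c in infra_changes if c > last_restore_test]
        if untested:
            findings.append(("restore-test", f"infrastructure changed on {max(untested)} after last test"))
    return findings


def sample_catalogue():
    """Constructed sample: daily backups from 2024-03-01 to 2024-06-29 with a two-day gap."""
    days = [date(2024, 3, 1) + timedelta(days=n) for n in range(121)]
    return [d for d in days if d not in (date(2024, 5, 11), date(2024, 5, 12))]


if __name__ == "__main__":
    for control, detail in audit_backups(sample_catalogue(), date(2024, 1, 15),
                                         date(2024, 6, 30), [date(2024, 2, 20)]):
        print(f"{control}: {detail}")
```

Fed from a real backup job log, the same check flags silent job failures long before a restore is needed.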
These eight strategies should put you and your business in a strong position in the fight against cyber threats. But before implementing any of them, you should also look to:
– Highlight which systems need protection (i.e. which systems store, process or communicate sensitive information).
– Think about which online enemies are most likely to target your systems (e.g. cyber criminals, hackers or malicious insiders).
– Select what level of protection your size of business requires.
CommuniCloud Cyber Security Solutions
If all of this is sounding a little overwhelming, don’t worry. Here at CommuniCloud, we are experts in cyber security solutions and partner with industry-leading vendors such as Cisco, Jazz Networks, Agari, InfoTrust and Splunk.
Together, we can create a Cyber Security Ecosystem of both technology and professional services, tailored around your business needs.