The Essential 8

Government Guidelines

Like any industry, we have responsibilities under Government guidelines. As Microsoft Windows-based network engineers working in Information Technology, we have a responsibility to help our clients employ the right levels of protection for their Microsoft systems.

The Australian Government understands that 99.8% of businesses in Australia are small-to-medium businesses, employing more than 5 million people, and that they are a large contributor to Australia’s prosperity. It has set up the ACSC to educate users and to protect you and the Microsoft Windows system from damage or misuse by cybercrime and criminals with malicious intent.

Security Levels

The ACSC has listed eight mitigation strategies that it advises businesses to utilise within their systems. The type of work your operation is involved in will decide the level of security you require.

We can assist you to design and source the level of security pertinent to your business. If your business plan involves moving toward more security-sensitive or government projects, we can advise on and integrate the additional systems needed to comply.

Essential 8 – Strategies

  • 1

    Application control

    Allows organisations to control what apps and drivers will run on their managed Microsoft Windows devices.

  • 2

    Patch applications

    Patch management is the process of distributing and applying updates to software. These patches correct errors or mitigate cyber threats.

  • 3

    Configure Microsoft Office macro settings

    A macro is an automated task in frequent use, made up of a series of commands and instructions grouped together into a single command so that the task runs simply and automatically. You use one every time you click a button, even on the Quick Access Toolbar.

    Unfortunately, macros can contain malicious code, resulting in unauthorised access to your information. Halls Computer Service will configure macros by ensuring that they are digitally signed by trusted publishers.

  • 4

    User application hardening

    We do this when we first onboard an application, to ensure that it works and does so securely. Hardening is the process of securing a server or computer system by minimising its attack surface, or surface vulnerability, and potential attack vectors.

  • 5

    Restrict administrative privileges

    Identify tasks that require administrative privileges to be performed. Validate which staff members are required and authorised to carry out those tasks as part of their duties.

  • 6

    Patch operating systems

    As part of our Quality Assurance, we have a system whereby your asset management (operating systems, version types and IP addresses) is handled within our NSSP reporting system. You receive reports on any breach, or on mitigation steps Hall Computer Services have taken to avert anomalies or attempted breaches against your network.

  • 7

    Multi-factor authentication

    An authentication method under which a user asking for access to anything within your network (passwords etc.) must supply more than one authentication factor, e.g. a code sent to your phone, a code sent to an email, the answer to a security question etc.

  • 8

    Regular backups

    Overall, through an appropriate risk-based approach to your backups, including choice of media and frequency, you’ll be able to ensure that this essential control is properly handled to contribute to the best cyber security possible for your organisation.

    We recommend a paired system: our Network Services Support Program (NSSP) with short incremental backups to guard against human error, such as inadvertently losing work, and the Cloud for multiple security measures overall.

For further information, see the ACSC website, or call us for clarification from our senior engineers in clear language, without the confusion of industry jargon.