Cybersecurity attacks are a major threat to every business. That said, many businesses aren’t aware of the basics of how to protect themselves against these common threats. A breach in security can be catastrophic for a business’s reputation and bottom line.
The Essential Eight is the Australian Government’s guidelines to mitigate cybersecurity incidents. Following these recommendations is absolutely critical to an organisation’s resilience in online security. Too often, we ignore learning and implementing key high-level strategies that will enhance and protect our business environment.
Prevention is always more cost-effective in the long run. So let’s dive into the Essential Eight framework to learn a bit more about the reasons behind the importance of implementing these core strategies for your business.
1. Application Whitelisting
Everybody is familiar with the concept of blacklisting. If you’re employed in a profession and get fired and then blacklisted, for example, it will be difficult getting another job within the same field and network.
Whitelisting is the opposite of this and operates in the digital world. In cybersecurity, whitelisting is the action of allowing selected applications to run on a system. Essentially, by whitelisting applications, any that are not whitelisted can be considered blacklisted, and this can change with the click of a button. This allows you to control what applications your employees can run on your network and forces compliance. Think of it like parental controls on a home TV network but with far more on the line.
Why Does Whitelisting Matter?
Whitelisting is the first line of defense against malware. Malware, or malicious software, is software intended to do harm to your computer or network. Whether in the form of a virus, trojans, spyware, worms, adware or more, malware can damage and steal information from your network.
Whitelisting applications means that all non-approved applications cannot gain access to your system. While whitelisting every computer in your organisation is a large undertaking, you can take it one step at a time. Start with high-level and high risk-users that store critical information, like your CFO and legal teams, and fan out from there.
2. Patch Applications
If you walk in a rainstorm in a worn out, holey pair of shoes your feet are going to get wet. Similarly, if you don’t patch your software applications, you leave areas for hackers to exploit. You don’t even have to step outside in the rain, the storm comes to you, so you always have to be prepared.
Do I Have to Update My Applications Often?
Software is ever changing. Third party applications update their code often to ensure they are operating at the highest standard and efficiency. It’s critical to update your applications whenever possible. In fact, “application exploitation is one of the easiest ways to break into an organisation” according to our recent VITG webinar. Most systems, like Microsoft Office, Java and Flash have automatic update reminders which you should never ignore.
3. Disable Untrusted Microsoft Office Macros
Macros are a sneaky way for hackers to install malware on your network. A macro is a series of commands grouped together in order to automatically perform a task. While incredibly useful and time-saving, they can be risky if not managed correctly.
How to Disable Untrusted Office Macros
You can easily configure Microsoft Office Macros to block all macros from the internet and untrusted locations. Essentially, you are whitelisting trusted macros to run on your network. Hackers try to sneak macros into your system that non-tech savvy users may unknowingly perceive as innocent tools. Having systems in place that automatically vet these potential hacks are crucial.
4. User Application Hardening
The internet is ripe with opportunity for hackers to break into your system. Adobe Flash and Java are full of ads that, if clicked on, will automatically install malware on a computer, which can bleed into the entire network.
How Is This Different Than Whitelisting?
Whitelisting controls which applications are allowed to run on a system, while hardening controls which parts of an application are allowed to run. In our parental controls example, rather than blocking an entire TV series, you are blocking certain episodes within the series. Even further, you can allow an older child to watch a certain episode, while disabling it for the younger one.
We recommend going through all of your commonly used applications and removing features that you do not explicitly need in your business operations. If certain users within your network need applications at their workstation, such as Flash, you can deploy that application only to that user rather than your entire network. This greatly limits risk and is a smart tactical security move.
5. Restrict Administrative Privileges
Every organisation has a hierarchy, and often only certain people within that hierarchy have access to essential privileges. Offering everybody within your organisation the right to privileged information is a dangerous and unnecessary undertaking that leaves you wide open to attacks.
Preventative Maintenance Is Key
Start by restricting administrative privileges to mission-critical players only. This keeps the window of potential attacks small and easy to manage. As you grow, you can grant access to new users on an as-needed basis, and remove that access when the need is finished. Regularly monitor who has administrative privileges and why. By keeping the circle of access small, you prevent major opportunities for breaches and attacks.
6. Patching Operating Systems
Similar to patching application systems, you need to also patch your operating systems. As operating systems become outdated, they are opened up to bigger possibilities of breaches.
Is This as Easy as I think It Is?
On a basic level, yes! You simply need to update your operating systems as soon as an update is released. You will often be automatically notified when these updates are ready to install. Furthermore, keep an eye on which systems are outdated and no longer in mainstream support. Once systems become outdated and support ceases, they are extremely vulnerable to attack. It’s like keeping your money in a bank that no longer has security guards or cameras because it’s closing soon. The thieves will do everything they can to attack you before you realise your mistake.
7. Multi-Factor Authentication
Multi-Factor Authentication is a multi-layered defense to essentially make it more difficult for an attacker to breach your system. For example, when logging into your email, the first authentication is your password, and a second authentication could be receiving an SMS to your phone and entering that code to access your account.
This Sounds Annoying and Time-Consuming – It’s not!
We should aim to make it as difficult as possible to gain access to our accounts. Too often, we use the same password across multiple accounts. This makes it incredibly easy for hackers to access our data. Deploying multi-factor authentication across all of your applications and systems is paramount to defense. This doesn’t have to be painful for the end user, using conditional access and authentication tools like Microsoft Authenticator simplifies the process.
8. Daily Backup of Important Data
Backup often and backup everything! If there is a cybersecurity incident, you’ll want to be able to access your information to get you back on your feet as quickly as possible.
There is a misconception that if you are using a service like Microsoft 365 or Microsoft Azure that your data is backed up. It isn’t, so you must ensure that you implement a third part backup product to protect your data in the cloud.
Don’t forget to take into account business continuity that covers new and old data alike. They should be detached from your primary systems so that if your systems do get compromised, hackers cannot access and attack your backups.
How Can I Backup My Data?
We recommend using multiple sources to backup your data. The more, the better! You can backup to hard drives, USB drives and external drives, as well as to the cloud.
Webinar
To learn about the strategies in greater detail, watch our webinar below. We teamed up with industry leading cyber security experts from Sophos to teach you how to successfully implement the strategies in your business.
Conclusion
Preventative maintenance is fundamental in cybersecurity. The ASD Eight is a fantastic resource that we should reference when setting up security for our business. While it doesn’t cover every critical piece of security, it does offer a broad starting point for new businesses.
Educate your employees and users on why security is important and train them in best practices for avoiding schemes, such as phishing. The more we collectively know, the better we can do at protecting our business from breaches.
Powernet: Your Next Step Towards Compliance
At Powernet, we firmly believe that when it comes to cybersecurity, the old saying of “the best defense is a good offense” really does apply.
If you have any additional questions or concerns you’d like to see addressed about this or any other essential topics, please don’t delay — contact VITG today.