Why the Essential 8 is so important in business security

If you are not doing the Essential 8, then you are leaving your business wide open to a cyber event!

Cybersecurity, or what I call business security, is all about awareness.

Awareness of what the cybercriminal can do.

Awareness around what you need to do to protect your assets.

Awareness of the impact of a breach.

It is also about implementing simple and strategic tactics that protect your business.

The easiest and most effective strategies are those laid out as the Essential 8.

They were first introduced in 2014 as the Top 4 and changed 2 years later to the Essential 8.

These are 8 simple strategies every business can implement that will increase security significantly.

The first two are patch it all – operating systems and applications.

All software has vulnerabilities, and malware and viruses are written to target them.

If you remove those vulnerabilities by patching your software, it is then protected against them.

When those systems ask to be updated, update them in a timely manner.

That includes computers, smart devices (phones and tablets) and other devices (firewalls, switches and Wi-Fi).

2 Factor (2FA) or multi-factor authentication (MFA)

We have been brought up on usernames and passwords, and in today’s global business environment they are no longer enough to protect our access to accounts and services.

2FA/MFA is an additional layer of protection, and it makes your accounts 99.9% more secure.

Implementing 2FA/MFA means we have who we are (username), what we know (password) and something we have.

That something can be an SMS, dongle or authentication app.

If the system has the option, always use it.

Reduce the number of administrators.

The first account on every device is the administrator of that device; it is the “GOD” account.

Do not use that account to receive email or surf the internet, as that exposes the administrator’s access to compromise.

Macros and script management

The easiest way for your system to be compromised is for you to allow any small program to run or be installed.

Limit the software and macros you use to digitally signed ones that you trust.

Back it up!

There is a rule when it comes to backups.

It is called the 3-2-1 rule of data.

Three copies of all data, in 2 different locations, and one of those locations needs to be off-site and out of band.

All data storage systems like Google Apps and OneDrive also need a cloud-to-cloud backup system.

Once you have a backup done, you need to test it regularly.
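As an added example (not part of the original article), here is one way to check a backup inventory against the 3-2-1 rule and to test a restore by comparing file hashes with the live data. The function names, the inventory format and the sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def check_321(copies):
    """Check an inventory of copies (hypothetical format) against the 3-2-1 rule."""
    problems = []
    if len(copies) < 3:
        problems.append("fewer than 3 copies")
    if len({c["location"] for c in copies}) < 2:
        problems.append("fewer than 2 locations")
    if not any(c["offsite"] for c in copies):
        problems.append("no off-site copy")
    return problems

def manifest(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def verify_restore(live, restored):
    """Compare a test restore against the live data it should reproduce."""
    src, dst = manifest(live), manifest(restored)
    return {"missing": sorted(set(src) - set(dst)),
            "changed": sorted(k for k in set(src) & set(dst) if src[k] != dst[k])}

def demo():
    """Constructed sample: a restore that lost one file and truncated another."""
    with tempfile.TemporaryDirectory() as tmp:
        live, restored = Path(tmp, "live"), Path(tmp, "restored")
        live.mkdir()
        restored.mkdir()
        (live / "invoices.csv").write_text("id,total\n1,100\n")
        (live / "clients.txt").write_text("Acme Pty Ltd\n")
        (live / "notes.txt").write_text("call back Monday\n")
        (restored / "invoices.csv").write_text("id,total\n1,100\n")
        (restored / "clients.txt").write_text("Acme Pty")  # truncated in backup
        return verify_restore(live, restored)

if __name__ == "__main__":
    # Constructed inventory: two copies, both in the office, none off-site.
    inventory = [{"location": "office PC", "offsite": False},
                 {"location": "office PC", "offsite": False}]
    print(check_321(inventory))
    print(demo())
```

Files edited since the backup was taken will also show up as changed, so compare against the data as it was at backup time or review the changed list by hand.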

The next 2 are a little harder, but common sense will apply.

Whitelisting

This is a listing of approved applications on your system.

If it is not approved, it cannot be installed or it will not run correctly.

Either way, it stops malware from running and makes it harder for the cybercriminal to get a foothold on the system.

Harden your systems

All those applications that you have downloaded and used for a little while on your computer and smart devices are using resources of the device.

In some situations, they are also allowing vulnerabilities to be incorporated and exploited by the cybercriminal.

If you are not using them, remove them or uninstall them.

How the Essential 8 works.

If you have implemented the Essential 8 and you receive an email and open an attachment or follow a link to an infected website, there is a high probability that the malware associated with the infection will not activate, for the following reasons:

  • You have patched the system and removed that exploit.
  • You have turned off untrusted macros and scripts.
  • You have stopped it from running because it is not on the whitelist.
  • You have stopped it from running because the application targeted has been removed.
  • If it does get past these systems, then it will only infect your system as a user, not an admin.
  • If it does get in and deliver its payload, you can get your data back.

The 2FA/MFA component works a little differently.

Password theft is at the top of the pile when it comes to hacking, and cybercriminals gather passwords in a number of ways.

If you have a third level of security in place, then the theft of your password is easier to handle.

If someone tries to log into your 2FA/MFA account using your password, you will get a notification.

You will receive a code or an authentication request – NEVER GIVE THIS CODE AWAY TO ANYONE.

If you do receive the prompt, then log onto the account on your normal system and change the password.