The Essential Eight
To Prevent Malware Running
Application Whitelisting
A “Whitelist” only allows selected software applications to run on computers.
WHY? All other software applications are stopped, including malware.
Patch Applications
A patch fixes security vulnerabilities in software applications.
WHY? Adversaries use known security vulnerabilities to target computers.
Disable Untrusted Microsoft Office Macros
Microsoft Office applications use software, known as “macros”, to automate routine tasks.
WHY? Macros are increasingly used to enable the download of malware. Adversaries can then access sensitive information, so macros should be secured or disabled.
User Application Hardening
Block web browser access to Adobe Flash Player (uninstall if possible), web ads and untrusted Java code on the internet.
WHY? Flash, Java and web ads have long been delivery methods for malware to infect computers.
To Limit The Extent Of Incidents And Recover Data
Restrict Administrative Privileges
Only use administrator privileges for managing systems, installing legitimate software and applying software patches. These should be restricted to only those who need them.
WHY? Admin accounts are the “keys to your IT kingdom”, so adversaries will attempt to use these accounts for full access to information and systems.
Multi-Factor Authentication
This is when a user is only granted access after successfully presenting multiple separate pieces of evidence, typically a passphrase, a physical token and/or something like biometric data.
WHY? Having multiple levels of authentication makes it much harder for adversaries to access your information.
Patch Operating Systems
A patch fixes security vulnerabilities in operating systems.
WHY? Adversaries use known security vulnerabilities to target computers.
Daily Backup Of Important Data
Regularly back up all data and store it securely offline.
WHY? Backups allow your organisation to access data again if you suffer a cyber-security incident.