IT Security Services

The Essential Eight

To Prevent Malware Running

Application Whitelisting

A “Whitelist” only allows selected software applications to run on computers.

WHY? All other software applications are stopped, including malware.

Patch Applications

A patch fixes security vulnerabilities in software applications.

WHY? Adversaries use known security vulnerabilities to target computers.

Disable Untrusted Microsoft Office Macros

Microsoft Office applications use software, known as “macros”, to automate routine tasks.

WHY? Macros are increasingly used to enable download of malware. Adversaries can then access sensitive information, so macros should be secured or disabled.

User Application Hardening

Block web browser access to Adobe Flash Player (uninstall if possible), web ads and untrusted Java code on the internet.

WHY? Flash, Java and web ads have long been delivery methods for malware to infect computers.

To Limit The Extent Of Incidents
And Recover Data

Restrict Administrative Privileges

Only use administrator privileges for managing systems, installing legitimate software and applying software patches. These should be restricted to only those who need them.

WHY? Admin accounts are the “keys to your IT kingdom”, so adversaries will attempt to use these accounts for full access to information and systems.

Multi-Factor Authentication

This is when a user is only granted access after successfully presenting multiple separate pieces of evidence, typically, a passphrase; physical token; and/or something like biometric data.

WHY? Having multiple levels of authentication makes it much harder for adversaries to access your information.

Patch Operating Systems

A patch fixes security vulnerability in operating systems.

WHY? Adversaries use known security vulnerabilities to target computers.

Daily Backup Of Important Data

Regularly back up all data and store it securely offline.

WHY? Backups allow your organisation to access data again if you suffer a cyber-security incident.