Essential Eight - Technicalities

Cyber Security and the Essential Eight

In order to create an acceptable baseline security level for businesses, Technicalities closely aligns our security strategy with the Australian Cyber Security Centre’s ‘Essential Eight’ model.

While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.

Cyber Security

The Essential Eight Explained:

Prevent Attacks
Detect Attacks
Limit the Extent of Attacks
Recover Data and Systems

Application Control

What is it?
Application Control works by creating a list of applications approved for use in your business. Anything that tries to run that is not on the approved list is blocked.

Why is it important?
All non-approved applications, including malicious code and malware that attackers try to install on your computers, are prevented from executing.

Patch Applications

What is it?
Patching involves ensuring your applications are kept up to date with the latest versions and security updates.

Why is it important?
Security vulnerabilities in applications can be used as an entry point for cybercriminals to execute malicious code, such as financial malware, on systems.

Configure Microsoft Office Macro Settings

What is it?
Macros are used in some Microsoft Office applications such as Word or Excel to automate routine tasks. The use of macros in your business should be assessed, and depending on business requirements, be secured by policies governing their use.

Why is it important?
Macros can be used by adversaries to deliver and execute malicious code such as the download of malware.

User Application Hardening

What is it?
Web browsers and certain applications can contain insecure or unused features, which have become well-known attack vectors for cybercriminals. Hardening involves configuring web browsers and applications to block or disable these insecure and unused features.

Why is it important?
Insecure and unused features in applications are often used to deliver and execute malicious code on systems.

Restrict Admin Privileges

What is it?
Restricting admin privileges means limiting administrative access to operating systems and applications to the users whose duties require it, and regularly reviewing whether that access is still needed.

Why is it important?
Administrator accounts have full access to information and systems, which makes them a prime target for adversaries.

Patch Operating Systems

What is it?
Similar to patching of applications, it’s important to ensure your operating systems are kept up to date with the latest security patches.

Why is it important?
Security vulnerabilities in operating systems can be used as an entry point for cybercriminals to execute malicious code, such as ransomware, on systems.

Multi-Factor Authentication

What is it?
Multi-factor authentication protects your applications by using a second source of validation, like a phone or token, to verify user identity before granting access.

Why is it important?
Stronger user authentication makes it harder for adversaries to access sensitive information and systems.

Daily Backups

What is it?
Regularly back up all data, software and configuration settings, and store the backups securely offsite or disconnected from the network.

Why is it important?
Backups ensure information can be accessed following a cyber security incident (e.g. a ransomware incident).

Audit, Implementation and Monitoring

  • Audit: Our security audit process provides insights into the current status of your network security. Our engineers will undertake a detailed review of your IT infrastructure and systems. During this process we will assess your maturity against the Australian Cyber Security Centre’s ‘Essential Eight’.
  • Implementation: Our engineers have been implementing the Essential Eight controls since their inception in 2017, so we have the knowledge and skills to advise on how your business aligns to the Essential 8. We then work with you to implement the controls you require, with the operational impact on your business at the forefront of our planning.
  • Monitoring: We have partnered with an award-winning Australian software company to provide a platform that continuously measures the effectiveness of your organisation’s security controls against the Essential 8 Framework. The platform provides an objective, ongoing, quantitative measure of your security controls’ performance, enabling management of dynamic cyber risk.

Our Security Core Competencies

Cyber Security Auditing
Network Security (Endpoint Detection, Email, Firewalls)
Essential 8 Implementation, Audit and Monitoring
Incident Response, Threat Hunting and Forensic Analysis
Security Incident & Event Monitoring
Disaster Recovery and Business Continuity Planning
Secure Remote Access
Security Awareness Training