What does this model mean
for my organization?
Organisations are recommended to implement these eight essential mitigation strategies as a baseline. Once organisations have implemented Level One mitigation strategies, they should strive to reach Maturity Level Three to ensure maximum protection for their organisational data.
Mitigation strategies to prevent malware delivery and execution
- Application whitelisting of approved/trusted programs to prevent execution of unapproved/malicious programs.
- Patch applications with high-risk vulnerabilities within 48 hours. Use the latest version of applications.
- User application hardening Configure web browsers to block Flash, ads, and Java on the internet. Disable unneeded features in Microsoft Office, web browsers, and PDF viewers.
- Configure Microsoft Office macro settings to block macros from the internet, and only allow vetted macros either in trusted locations with limited write access or digitally signed with a trusted certificate.
Mitigation strategies to limit the extent of cybersecurity incidents
- Restrict administrative privileges to operating systems and applications based on user duties. Regularly re-evaluate the need for privileges.
- Implement multi-factor authentication for all users when they perform a privileged action or access a sensitive data repository.
- Patch operating systems with high-risk vulnerabilities within 48 hours. Use the latest operating system version. Don't use unsupported versions.
Mitigation strategies to recover data and system availability
- Daily backups of important, new, or changed data, software, and configuration settings should be stored off-site and retained for at least three months. Test restoration initially, annually, and after any IT infrastructure change.
Take the assessment
The Essential Eight Quiz
Is your organisation prepared to tackle advanced cyberattacks?
Take our quiz to determine your organisation's maturity level and security preparedness.
Get our Essential Eight guide upon taking the assessment
Which of the following practices does your organization follow regarding the installation of software applications and executables in your environment?
How often does your organization scan applications and patch any vulnerabilities that are detected?
How does your organization manage Microsoft Office macro settings?
What steps does your organization take to harden and secure user applications?
How does your organization authorize and monitor administrative privileges to systems and applications?
How often does your organization scan and patch operating systems?
Has your organization implemented multi-factor authentication? If yes, what policies govern the MFA practices your organization follows?
Are daily backups considered an important part of your organization's security strategy?
Fill in your details to access your score report and download our comprehensive guide to the Essential Eight Maturity Model
Maturity Level One
Great news! Your organisation is aligned with the Level One of the Essential Eight Maturity Model, which means that you have the basic recommended security measures in place. Now that your baseline security has been taken care of, it is highly recommended that your organisation strives towards the highest level of maturity. To learn how you can move up the ladder, check out our comprehensive guide to the Essential Eight.Download e-book
Maturity Level Two
Good work! Your organisation is aligned with the Level Two of the Essential Eight Maturity Model, which means that you have all the standard recommended security measures in place. However, with new attack vectors emerging everyday, it is recommended that your organisation constantly strives to reach the highest level of maturity. To learn how you can improve your security posture, check out our comprehensive guide to the Essential Eight.Download e-book
Maturity Level Three
Congratulations! Your organisation is aligned with the highest maturity level of the Essential Eight Maturity Model. Your organisation has implemented advanced security measures to keep your business-critical data protected at all times. However, be careful not to become complacent, as sophisticated attack vectors are emerging every day. To stay on top of your game, check out our comprehensive guide to the Essential Eight.Download e-book
How can I improve my
The right solutions and configurations can greatly simplify the process of reaching the highest maturity level. Although there is no single solution that can address all the strategies you need to implement, the right combination of processes and IT tools can make reaching Maturity Level Three easy.
- Block applications—identify and auto-uninstall prohibited software.
- Lock a device to a single application or group of applications.
- Block executables and script execution.
- Deploy block rules on workstations and servers.
- Allow or block apps on mobile devices running Android, iOS, or Windows
- Patch over 300 Microsoft, non-Microsoft, macOS, and Linux applications.
- Update drivers and BIOS versions.
- Detect, approve, download, test, install, and validate patches and service packs.
- Schedule patch scans and deployment.
- Achieve patch compliance using advanced analytics and audits.
- Manage workstations and servers on a LAN or WAN.
Configure MS Office macro settings
- Manage MS Office settings out of the box.
- Manage MS Office macro settings through execution of custom scripts.
- Control browser plug-ins, extensions, and allowed sites for Internet Explorer, Edge, Firefox, and Chrome.
User application hardening
- Control browser plug-ins, extensions, and allowed sites.
- Leverage browser lockdown and isolation, download restrictions, and data leak prevention tools.
- Provide or restrict access to web applications.
Restrict administrative privileges
- Manage privileged access to systems, applications, and network devices.
- Exert granular control over users' accesses to resources and passwords.
- Delegate role-based access to AD, Exchange, and Microsoft 365.
- Gain visibility on and manage privileged permissions.
- Set role-based access to computers and mobile devices running Android, iOS, or Windows.
Patch operating systems
- Test and deploy OS patches for Windows, macOS, and Linux based on severity.
- Validate the status of patch deployment.
- Schedule patch scans, and identify the health status of devices.
- Identify and manage firmware vulnerabilities.
- Perform remote firmware upgrades and OS image transfers.
- Use one or more authentication techniques to verify users' identities during the password reset and account unlock process.
- Use a secure password vault for privileged and personal accounts.
- Enable authentication through AD/LDAP, PhoneFactor, email, RSA SecurelD, etc.
- Remotely log in to a wide range of systems and network devices on a LAN or WAN, and record privileged sessions.
- Perform comprehensive scheduled, incremental object and item-level backups in AD, on-premises Exchange, and Exchange Online.
- Back up the entire database of application configurations, system settings, and password share permissions through scheduled tasks or live data backup.
- Perform restart-free granular restoration.
- Automate configuration backups from over 200 multi-vendor firewalls, routers, switches, etc.
for Essential Eight security controls
Application Control Plus
Implement sophisticated endpoint privilege management and allow or block applications based on specified rules.Learn more »
Manage user identities and access, deploy adaptive MFA, protect privileged accounts with UBA, and ensure regulatory compliance for hybrid environments connecting Active Directory, Azure AD, Exchange, Microsoft 365, and more.Learn more »
Browser Security Plus
Enforce security policies, manage add-ons, restrict access to unauthorized websites, track users' web activity, and ensure compliance with security standards.Learn more »
Manage modern and legacy servers, laptops, desktops, mobile devices, and browsers from a single console.Learn more »
Mobile Device Manager Plus
Securely manage corporate and personally owned devices running Apple OSs, Android, Windows, and Chrome OS.Learn more »
Network Configuration Manager
Take full control over your network configurations. Leverage real-time change tracking and customizable compliance policies to avoid violations. Schedule automated backups, and conduct remote network operations with configlets.Learn more »
Secure administrative access to critical IT systems. Establish strict governance over privileged access pathways. Prevent security risks using cutting-edge session management capabilities and advanced analytics.Learn more »
Perform incremental or full backups and choose from multiple modes of restoration for Active Directory, Azure AD, Office 365, and Exchange environments to protect your data against ransomware and ensure unprecedented resilience during disaster recovery.Learn more »
Thank you for reaching out. We’ll get in touch with you shortly.