Australian Cyber Security Centre (ACSC) recommends eight essential strategies to protect your network, while still being cost effective to businesses. While no strategy can make you immune to cyberattacks, practicing Essential Eight makes it much harder for attackers to compromise systems. Read below to understand how Endpoint Central helps you in improving the security posture of your organization by facilitating the implementation of these controls.

Should your organization comply with Essential Eight?

If you are an Australian organization, yes. The Australian government mandates compliance across all eight cybersecurity controls of Essential Eight.

What is Essential Eight?

The Essential Eight strategy is developed by The Australian Cyber Security Centre (ACSC) to protect Microsoft Windows-based internet-connected networks. It includes a set of eight strategies that enterprises need to achieve for cyber protection. The framework has 5 maturity levels which suit each business's risk category:

Maturity Level Zero

Not aligned with mitigation strategy objectives.

Maturity Level One

Partially aligned with mitigation strategy objectives.

Maturity Level Two

Mostly aligned with mitigation strategy objectives.

Maturity Level Three

Fully aligned with mitigation strategy objectives.

Maturity Level Four

Customized strategies to align with, for high risk environments.

How does Endpoint Central help you achieve Essential Eight?

eec-clip-1

Patch applications

  • ACSC requires you to keep systems up-to-date with all the latest patches for your applications will prevent any existing vulnerabilities from being exploited.
  • The best way to address this problem, is to have a systematic, automated and affordable solution that is robust and manages patches effectively.
  • Endpoint Central provides fully automated patch management solutions for Windows, Mac, Linux, and third-party applications. Using Endpoint Central, IT admins can automate patch deployment every step of the way, and save time, effort and help desk resources.
eec-clip-1

Allowlist applications

  • ACSC requires businesses to have control over applications that exist inside their corporate network. Application allowlisting is a procedure where only authorized and trusted applications, as defined by IT administrators, can be installed and run.
  • Endpoint Central scans your network periodically to fetch software details, and detect any changes in the network.
  • You can detect the presence of risky software like BitTorrent, Pando, Usenet, End-of-life software and uninstall them immediately. You can leverage application allowlisting to ensure that these applications are never allowed to be executed in the endpoints.
  • Endpoint Central allows you to prohibit software and add an auto uninstall policy, in few clicks.
eec-clip-2

Harden user applications

  • Not all applications are secure once they’ve been patched. For example, even if a browser is updated, its add-ons and extensions might be outdated, which can pave the way for browser-based threats.
  • Admins can configure the browser settings in a single click, and deploy them to users' browsers centrally, regardless of their physical location.
  • Once configured, users cannot override them, nor can they bypass the warning screen to access infected websites.
eec-clip-3

Restrict administrative privileges

  • Employees access corporate data during their daily routines for a variety of reasons. However, not every employee needs access to all data—privileges to access data should be limited to the employees who need it.
  • This is especially true for administrative privileges, which typically enables unrestricted access to data and allows modification of critical data.
  • The average employee should not have administrative access because cybercriminals can use these vast privileges to exploit business-sensitive information.
eec-clip-4

Enable multi-factor authentication

  • Relying on passwords as the only way of authentication no longer offers enough safety against today's range of threats. The uncomfortable truth is, security incidents happen when we least expect them.
  • Since Endpoint Central is largely involved in managing the endpoints of your network, we have enforced two-factor authentication (2FA) to provide an additional layer of security to validate the user's authenticity. 2FA is a proven way of boosting security since cybercriminals are deprived of access, as they will need more than just your credentials.
eec-clip-5

Patch operating systems

  • The famous Wannacry ransomware attack began with an OS vulnerability EternalBlue. Even in the case of the Meltdown and Spectre processor flaws, deploying an OS update served as a temporary relief to IT teams wanting to safeguard their business data from speculative execution threats.
  • Administrators can use Endpoint Central to scan the network, identify the missing patches, download the missing patches and deploy them to computers.
  • Automated patch management for Windows, macOS, and Linux, along with proper upgrade and image deployment procedures, can help businesses avoid known vulnerabilities in operating systems.
eec-clip-6

Block macros in Microsoft Office

  • A macro is a sequence of inputs used in a program or user interface that help automate routine tasks.
  • A cybercriminal can populate documents with hidden macros that automatically run with privileges when those documents are opened, distribute those macro-filled documents in a variety of ways, and potentially gain access to business-critical information if their macros are run.
  • Modern versions of Microsoft Office block macros by default. Endpoint Central allows you to only run macros with trusted certificates and only in controllable ecosystem with limited read and write access.
eec-clip-7

Perform daily backups

  • Perform daily backups Predefined backup plans and disaster recovery procedures are saviours in this modern cyber era.
  • Data is at the core of any business nowadays, so securing that data is of paramount importance. Endpoint Central stores information like configuration details, status of deployed configurations, and details about reports, like User Logon reports and Active Directory reports, in a database. You can backup data automatically, by scheduling a backup using Endpoint Central, or taking a backup manually.
  • You can also restore this data when required. Practicing the 4-3-2 backup rule can be highly beneficial to businesses.
  • The 4-3-2 rule includes: Creating 4 copies of your data, storing your data in 3 different formats (e.g. cloud, local drive, any USB device) and storing at least 2 copies in two different geographical locations.

Why Endpoint Central?

Over

17+ years

of experience.
Trusted by over

25,000

IT professionals.
Managing over

20 million

endpoints.
Support for

18+

languages.
Used across

190

countries.

Trusted by

Unified Endpoint Management and Security Solution
Patch ManagementSoftware DeploymentEndpoint SecurityOS DeploymentAsset ManagementMobile Device MgmtTools & Configurations