Form a Strong Baseline of Protection
You need the eight most effective strategies, form a strong base line of protection
Essential 8 Cyber Security
Application for white whistling – to control the execution of unauthorized software
Application patching – to remediate known security vulnerabilities
Restrictions of admin privileges – to limit powerful access to systems
Operating system patching – to remediate known security vulnerabilities
Configuration of office macros – to block untrusted macros
User application hardening – to protect against vulnerable functionality
Multifactor authentication – to protect against risky activities
Review back-up – to maintain the availability of critical data
Remove the time-consuming nature of onsite tasks and utilize out leading expertise and technology resources
Our process begins with a thorough evaluation to determine what areas need the most focus. From here we can tailor our support and solutions to provide the exact level of service you require. This is done through a selection of modular options each which Evotec can implement.
Cost effective – Implementing effective strategies in-house is expensive. The skills, time and technology required to put them in place and maintain them if done correctly needs a department of full time staff, by contrast our monthly fees are a drop in the ocean
Tried and Tested – All of our solutions have been developed and implemented over many years leading to numerous client success stories. We are confident the situation we propose to you will be the most effective defence against cyber attacks
Modular Deployments – we always recommend you implement all 8 essential strategies, but sometimes this isn’t possible, we offer all 8 strategies which complement already existing technologies, work solo or work as a bundle.
Essential Eight for Cyber Security
Application control is a security approach designed to protect against malware attacking systems. While application control is designed to stop malicious code, if implemented incorrectly it can prevent the installation or use of applications.
Application control can help mitigate security threats by restricting the applications and profiles that users can run and within your system. Application control moves away from the application rust model where all applications are considered trustworthy, to one where trust must be earned in order to run.
Applying patches or updates is a critical step in ensuring the security of applications, drivers, and operating systems across a network of devices. Suitable sources of information are imperative and should be monitored for information about new patches and updates
it is important for system administrators to have the right software to diagnose and fix configuration problems or gaps in the security.
Patch manager helps you extent and leverage your existing Microsoft WUSU Server, making it easier to quickly publish Microsoft and third-party changes in your environment. Microsoft update packages are automatically synchronized to the Patch Manager server, plus it is easy to build custom update packages using the Package Wizard for Microsoft patch deployment to multiple system
Third Party Patch management is for WUSU is a tedious and constant task that often requires hours of research, creation, testing, deployment, reporting and troubleshooting. Evotec help all companies using WUSU, reduce the time associated with patch management. Evotec make it easy to schedule patch maintenance tasks to run during a specific maintenance window, help you choose what systems need to be patched, and alert you by email when the process is complete.
Operating system patching is an important part of keeping IT systems and applications safe from malicious attacks that could exploit vulnerabilities
An effective patch system process can close vulnerabilities before malicious attacks or worms have an opportunity to exploit them. Evotec’s timely deployment can reduce your risks dramatically.
Microsoft office application can execute macros to automate routine tasks, files can contain embedded code, known as macros, written in the Visual Basic for applications programming language.
A macro can contain a series of commands that can be coded and recorded, they are a great tool for improving productivity, however, they can be used for malicious activities. If organisations have a business requirement for macro use, approved macros in Microsoft Office files in trusted locations ca be allowed to execute. To ensure users cannot knowingly or unintentionally alter macro security controls via a Microsoft Office application’s Trust Centre interface, organisations should apply macro security controls using Group Policy settings.
Application hardening, also known as application shielding, is the act of applying levels of security in order to protect applications from IP theft, misuse, vulnerability exploitation, tampering or even repackaging by people with ill intentions.
Application hardening is usually performed via security solutions or tools with specialised hardening capabilities that greatly increase the effort required by attackers to modify the application, making it no longer viable or worthwhile to target. The most robust tools shield applications from both static and dynamic threats.
Users with administration privileges for operating systems and applications are able to make significant changes to their configuration and operation,, modify critical security settings and access sensitive information.
Adversaries often use malicious code to attempt to exploit vulnerabilities in workstations and servers. Restricting administrative privileges makes it more difficult for an adversary’s malicious code to elevate its privileges, spread to other hosts, hide its existence, persist after reboot, obtain sensitive information or resist removal efforts.
Simply minimising the total number of privileged accounts does not meet the intent of the restricting administrative privileges strategy.
Multi-factor authentication is a security technology that requires multiple methods of authentication from independent categories of credentials to verify a users identity for a login or other transaction.
It works by combining two or more independent credentials, such as a password and a security token using biometric verification methods.
Having data backup and restoration processes and procedures is an important part of business continuity and disaster recovery planning. Such activities will also form an integral part of an overarching digital preservation policy.
When performing backups, all important data, software and configuration settings for software, network devices and other ICT equipment should be captured on a daily basis. This will ensure that should a system fall victim to a ransomware attack, important data will not be lost and that business operations will have reduced downtime.
Time and Cost
To ensure you are not wasting your resources it is important to optimise any investments that you make and get good advise in developing a thorough security plan. Using generic unsuitable or pool integrated tool sets will likely have led to bad customer experience combined with poor business operations
The two most significant strategies
Patching: The practise of regular updates or changes which correct bugs and remove security vulnerabilities. Patches are effective but require constant skilled effort to develop, ensure your provider is trusted as if built incorrectly they can lead to faults and disruptions on your services.
Whitelisting: The practise of creating a specific index of approved applications that have permission to be present and active on a computer system. This must be a dynamic list which doesn’t impede UX
With a portfolio unequalled in its breath and flexibility, over 30 years’ experience and three national offices, Evotec are committed to designing, implementing and supporting innovative technology solutions based on the unique requirements of your business.