Any company that needs network security management will find it easier if they follow the Australian Cyber Security Centre’s (ACSC) Essential Eight Maturity Model, especially if your business is part of the healthcare sector.
According to the Office of the Australian Information Commissioner, the private health service industry accounted for 45 data breaches out of 245 recorded cases between July and September 2018. The finance industry ranked behind with 35 cases, followed by 34 data breaches in the legal, accounting and management services sector. Private education providers and personal services companies reported 16 and 13 data breaches, respectively.
What Are the Eight Models?
The following comprise the eight models under the ACSC’s guidelines:
• Application Whitelisting
• Patch Applications
• Configure Microsoft Office Macro Settings
• User Application Hardening
• Restrict Administrative Privileges
• Patch Operating Systems
• Multi-factor Authentication
• Daily Backups
You can determine the maturity of using these mitigation techniques based on Levels One to Three, which corresponds to “partial, mostly and fully aligned” maturity. Each level classifies specific tasks in line with the intended purpose of mitigation methods. However, the ACSC suggests fully aligned maturity for every model.
Level 3 Maturity
There are other ways to determine Level Three Maturity, but the information below provides a good illustration:
Application Whitelists
• Is used for all servers and workstations to avoid implementing executable files to approve sets
• Prevents the execution of installers, scripts and software libraries, and scripts to approve sets
• Has Microsoft-suggested block rules for stopping hackers to bypass whitelisting applications
Patch Software and Operating Systems
• Fix security issues within 48 hours
• Update or replace vendor applications that are no longer in use
• Has an automated system oversee applications and driver patches among other installations
Configure Microsoft Office Macro Settings
• Users can’t change security settings
• Only allow signed macros to execute files
• Block macros in documents coming from the Internet
• Execute documents only from Trusted Locations
User Program Hardening
• Browsers block or disable Flash content
• Has configurations for blocking advertisements and Java from the Internet
• Use extra configurations for Microsoft Office
Restrict managerial control
• Validate privileged access to systems, applications and information at least once every year
• Restrict access to few, authorized people
• Has technical security controls to prevent users from doing irrelevant tasks (e.g. reading emails)
Complex Verification
• Confirm the identity of all remote users
• Authenticate requests for remote privileged network access
• Validate requests for accessing confidential information
• Has at least two ways of authentication (e.g. one-time tokens, biometrics)
Daily Backups
• Back up all valuable data, software and configuration settings at least every day
• Store back-up files offline or online using non-rewritable and non-erasable methods
• Keep back-ups for at least three months
• Test full restoration ability of all back-up files at least once
• Repeat tests for full restoration when there are changes to IT infrastructure
Find a reliable IT service provider for network security management and ask for advice about the ACSC’s models. You should also conduct an independent audit that includes network testing to learn more about the vulnerability of your system architecture.
