Essential Eight for Small Business


The Australian Essential Eight can be achieved on a minimal budget. Here are some strategies.

How to implement the Essential Eight security controls

Control 1 – Application control

Strategy: Implement TrendMicro Worry-Free Business Security Services Advanced. Enable Application Whitelisting.
Cost: Around $100ex / license / year.

Control 2 – Patch applications

Strategy: Compile a list of the applications the company needs. Identify which applications are still supported by their software manufacturers and work on removing those that aren’t. If auto-update is available for an application, enable it. Applications that require manual patching can be outsourced to TTGA or handled in-house on a quarterly basis.
Cost: Software maintenance costs from software distributors.

Control 3 – MS Office Macro Settings

Strategy: Macros are usually disabled by default. Check this quarterly, along with control 2, to ensure it remains switched off.
Cost: No cost if done in-house.

Control 4 – Application hardening

Strategy: Limit which web browsers can be used. MS Edge is currently considered the more secure browser. Uninstall others, such as Chrome and Firefox.
Cost: No cost if done in-house.

Control 5 – Restrict admin privileges

Strategy: Make all users “Standard users” rather than local “Administrators”. Set up a separate account that can authorise upgrades, and give its password only to a limited number of users who understand the dangers of installing or running something as admin.
Cost: No cost if done in-house.

Control 6 – Patch OS

Strategy: Ensure that all users are running Windows 10 or higher, with the latest feature pack and patches installed. Check quarterly along with the processes in control 1 and control 2 above. If TrendMicro is implemented, a report can be generated showing the sub-version numbers of installed operating systems.
Cost: Same cost as control 1 above.

Control 7 – MFA

Strategy: Ensure that MFA is enforced on all MS 365 and Google Workspace accounts. Ideally, enforce this setting so that new accounts are automatically enrolled in MFA. Enroll PCs in Azure AD for authentication.
Cost: No cost to maintain. Initial cost for TTGA to check and enforce.

Control 8 – Backups

Strategy: Implement online backup of Google Workspace.
Cost: Approx $150ex / Google Workspace user / year. Under this licensing model, ALL users need to be licensed so that all shared files are backed up as well. You should archive and delete any old Google accounts before implementing this. If you use SharePoint data as well, that is an additional $150ex / MS365 account / year. Data should be consolidated into one system. Staff should never store data on USB drives or desktops. Everything should be in Google Drive.
