Hackers are sometimes portrayed as evil geniuses, but in most instances they are just ordinary criminals preying on the carelessness of organisations and individuals.
In most cases, companies get hacked because they fail to take the most basic precautions to protect their data – the digital equivalent of leaving your front door unlocked or a window open. They make it easy for the hackers to walk in and steal their precious data.
To counteract this problem, the Australian Signals Directorate (ASD) has issued what it describes as “The Essential Eight”, a short list of basic measures that every company should take to protect its data. It emphasises that some organisations may need to go further to protect their most valuable assets, but for most organisations, this short list of simple measures will set a security baseline that “makes it much harder for adversaries to compromise systems.”
Andrew Grace, Channel Manager for SecurEnvoy ANZ commented “the ASD has made recommendations that are essential to the security of our local businesses and that of the identities of their employees. We have a solution that takes less than an hour to download, deploy and manage users; I would make the installation a necessity for 2017”.
So what are they?
The first four are designed to stop malware running on your systems:
* Application whitelisting – you define which programs can run on your systems, and ban the rest. This keeps out the rogue apps (and also stops people spending their days playing games like Angry Birds.)
* Patch applications regularly. Hackers try to exploit known vulnerabilities, and rely on companies not keeping their software up to date.
* Disable untrusted Microsoft Office macros – these are becoming a common channel for malware.
* Harden user applications – block Web browser access to Adobe Flash player
(uninstall if possible), Web advertisements and untrusted Java code on the Internet.
The second four limit the extent of incidents and help recover data:
* Restrict administrative privileges – admin rights are the “keys to the kingdom” and should be limited to those who need them. Don’t rely on default passwords.
* Patch operating systems
* Back up important data on a daily basis.
* Apply multi-factor authentication – don’t just rely on user name and password to authenticate users. Add a second factor, such as a mobile phone to receive an authentication code that users can enter in addition to their password.
All of these measures can be implemented swiftly and at little cost. It is just a matter of getting organised.
The final measure – multi-factor authentication (MFA) – is especially important because unauthorised access is the most common cause of a security breach (45% of breaches in 2015 according to IBM research).
And MFA is no longer difficult or hard to implement. On the contrary, SecurEnvoy can provide an organisation with a solution within a couple of hours in some cases. Its Tokenless technology exploits the power of mobile phones to deliver one-time access codes to users; this mean a hacker with stolen passwords is no longer able to access users’ accounts.
It is a simple and effective way to shut out the hackers, and truly deserves to be one of the ASD’s “Essential Eight”.
The post Australian Signals Directorate (ASD) has issued new guidelines for baseline security appeared first on SecurEnvoy Blog.