Automate Your Essential 8 Compliance with Runecast Analyzer
About Essential Eight (or Essential 8) Compliance
The Australian Signals Directorate (ASD) published the “Strategies to Mitigate Cyber Security Incidents”, a prioritized list of mitigation strategies to assist organizations in protecting their systems against a range of adversaries. These are customizable to your organization’s risk profile and the types of adversaries you are protecting against. The “essential” in the title refers to the effectiveness of the strategy to mitigate security risks.
The Mitigation Strategies
No single mitigation strategy will prevent all potential incidents, and organizations should apply all 8 of the mitigation strategies. These eight strategies form the Essential Eight and are detailed below.
- Application Control – prevent the execution of unapproved or malicious programs and installers.
- Patch applications – patch or mitigate any computers with ‘extreme risk’ security vulnerabilities within 48 hours. Use the latest versions of applications.
- Configure Microsoft Office macro settings to block macros downloaded from the internet. Allow only vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
- User application hardening – Configure web browsers to block Flash (ideally uninstall Flash), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
- Restrict administrative privileges to operating systems and applications based on user duties. Regularly validate the need for this level of access. Don’t use privileged accounts for regular work, reading email, and web browsing – log in as a restricted user and escalate privileges only as required.
- Patch operating systems (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Do not use unsupported versions.
- Users and administrators should use multi-factor authentication for VPNs, RDP, SSH and other remote access, and for all privileged actions or access to important (sensitive or high-availability) data repositories.
- Important new and changed data, software and configuration settings should have daily backups. These should be stored disconnected and retained for at least three months. Test restoration initially, annually, and when IT infrastructure changes.
These strategies are assessed for potential user resistance, upfront costs (staffing, support and hardware) and ongoing maintenance costs, with a rating provided for each.
Beyond Essential 8
The Australian Cyber Security Centre (ACSC) also details other mitigation strategies which businesses may require. There are nine mitigation strategies rated as having the effectiveness of “Excellent”, fifteen as “Very Good”, one as “Good”, and four with an effectiveness rating of “Limited”.
The process of checking for compliance within your VMware environments can be arduous and costly, and any kind of manual check is subject to human error, so it is crucial to automate as much as possible.
Runecast is a patented enterprise IT platform that provides IT ops and security teams with one platform for configuration monitoring, vulnerability management, security compliance, remediation, upgrade planning and reporting.
- Disruptive, patented solution that automates proactive analysis of logs, configuration drift, and security posture within your environment.
- Simple, lightweight platform that is super-easy to deploy and operates securely on-premises (no data needs to leave your control) to provide you with remediation steps before any issues can lead to a PSOD or downtime.
- Operational transparency and best practices alignment
- Real-time configuration management, vulnerability scanning and security compliance audits
- Freed up team resources (to work proactively on growth drivers)
How Runecast helps you to be audit-ready
Runecast Analyzer automates the process of checking VMware vSphere resources for compliance against Essential Eight standards – almost 30 cross-referenced checks. Each finding maps to a specific Essential Eight mitigation strategy. As with all other standards covered within Runecast Analyzer, we show the details of all impacted objects, both the wording from the standard and a technical translation of it, and details of how to audit the finding and remediate any non-compliances manually.
With Runecast Analyzer, you get year-round, 24/7 visibility into your audit compliance posture. It gives you immediate visibility into the risks and non-compliances inherent in your environment, so you can identify gaps between where you are and a fully compliant state, and it shows you as soon as any objects move out of compliance.
The solution runs entirely on-premises, with no data leaving your control. All analysis takes place on the Runecast Analyzer appliance. Move to a more proactive way of handling your compliance requirements!