Data has never been more valuable — or more vulnerable — than it is right now. As cyber threats continue to rise, here’s how complying with the Essential Eight reduces risk for your organisation. Reduce risk and respond to threats with smart cyber security strategies. Understand how Essential Eight compliance protects your data.
What is the Essential Eight?
Developed by the Australian Signals Directorate (ASD), the Essential Eight is a set of mitigation strategies to protect organisations from cyber attack and security threats. The strategies cover prevention, minimisation, and recovery. They can be customised based on your organisation’s risk profile and level of threat.
The strategies are designed to:
• prevent cyber attacks
• limit impact from cyber attacks
• support data and systems recovery after a breach or natural disaster.
The Essential Eight strategies
Mitigation strategies to prevent malware delivery and execution:
• Application whitelisting
• Patch applications
• Configure Microsoft Office macro settings
• User application hardening
Mitigation strategies to limit the extent of cyber security incidents:
• Restrict administrative privileges
• Patch operating systems
• Multi-factor authentication
Mitigation strategies to recover data and system availability:
• Daily backups
Maturity levels explained
Organisations face different threat levels depending on their size and sector. Three levels of maturity apply to each Essential Eight mitigation strategy:
• Maturity Level One: partly aligned with the intent of the mitigation strategy
• Maturity Level Two: mostly aligned with the intent of the mitigation strategy
• Maturity Level Three: fully aligned with the intent of the mitigation strategy
Not every mitigation strategy will apply in every instance, but organisations should aim for Maturity Level Three to provide optimum protection for systems and data.
Every organisation should have a data protection strategy in place from their first day of operation. From natural disasters to cyber security incidents, no business is immune.
Why legacy data protection solutions are not the answer
Your organisation may have some form of data protection in place — but it may not be enough. Legacy data protection solutions generally have lots of moving parts. They rely on siloed management solutions which all need to be managed independently.
Take this example of a traditional legacy system:
• Backup software that needs to be installed on a backup server.
• You need to provide target storage for those backups to be written to.
• Backups may need to move to a tape library.
• You may need to deploy an appliance to move data off to the cloud.
Each step represents a data silo that needs to be independently managed. That may lead to duplication of data across the silos and a lack of clear visibility on storage. The backup data itself may not be accessible for anything other than a recovery operation.
Consolidated data protection with Cohesity
The industry’s first comprehensive multi-cloud platform for data management services, Cohesity delivers a consolidated data protection solution. In a single platform you can access backup software, servers, target storage and everything you need to move data to the cloud or another location with full visibility.
Cohesity efficiently stores data with deduplication and compression, giving you full access and control to clone or leverage that data. Supporting data retention compliance such as APRA’s CPS 234, Cohesity allows your organisation to retain and control data for the long haul.
How Cohesity complies with the Essential Eight
Cohesity delivers Maturity Level Three coverage for one of the Essential Eight strategies, limiting risk and enabling recovery.
• Daily backups
Cohesity also provides compliance for three of the Essential Eight strategies, further limiting risk and enabling organisations to meet greater strategy compliance requirements.
• Patch operating systems
• Restrict administrative privileges
• Multi-factor authentication
Patch operating systems
Instead of separately patching and maintaining backup software, servers and staggered storage, Cohesity provides a clustered solution — patching can be done one node at a time to prevent service interruption. With one click, you can patch on demand to ensure your systems are running the latest code without the risk of bringing the entire system down.
Restrict administrative privileges
Cohesity provides an out-of-the-box secure mechanism for storing and accessing data. Data is stored encrypted at rest, and is encrypted in-flight regardless of whether it’s on-premises or in the cloud. Granular access controls are used to restrict access to content within the platform and external authentication providers can be leveraged for an extra layer of protection.
Multi-factor authentication
By standardising and consolidating access to data, Cohesity makes it easier to use multi-factor authentication (MFA) for greater control. Providing support to external authentication providers for single sign-on or multi-factor authentication, Cohesity provides a single platform to simplify compliance.
Data backups for ransomware protection
In most legacy systems, a ransomware attack can render backup data useless. Cohesity writes backup data to internally accessible storage — it can’t be encrypted by a threat and is always available for data recovery. The platform makes it easy to identify metadata anomalies that may signal a ransomware attack.
Achieve Essential Eight compliance with Cohesity
Protect your data and achieve Essential Eight compliance with Cohesity’s consolidated data protection solution.
Secure your data and ensure full Essential Eight compliance with Cohesity.