Surpass the four key cybersecurity measures, and go beyond the Essential Eight, with Ivanti
If your organization’s turnover is more than AU$3 million a year, are you prepared for the mother of all PR disasters?
That’s not the first question which springs to the minds of today’s business owners, charity leaders, or leadership tiers of public bodies. However, it’s undoubtedly a question – or a variation of it – that information security experts are being asked.
Because if your organization is compromised and the 21st century’s most precious commodity, data, gets into the wrong hands, it’s a PR disaster. And that is, of course, on top of any immediate financial effects.
Hitting the Australian government’s “Essential Eight” in your organization’s cybersecurity policy, therefore seems sensible. So to be honest, attaining the eight should be seen as an absolute bare minimum.
The unpleasant truth of cybersecurity is not if a data breach occurs, it’s when.
So, you’ll need security expertise from Ivanti to not only undertake the eight but go above and beyond these cybersecurity measures.
There isn’t another supplier who’ll satisfy each one of the strictures of the Australian Signal Directorate’s (ASD) four key strategies – never mind the Essential Eight.
Let’s look at the eight stipulations, in turn, and see how Ivanti can help you protect against the known-knowns, and even the unknown-unknowns (with thanks to Donald Rumsfeld).
Every app your organization uses has a specific signature and can be assessed for a security profile.
Traditional whitelisting requires a lot of time and effort in creating and maintaining a list of approved applications.
The process gets more complicated once you start to update applications frequently and make changes to the approved applications list. Ivanti uses “Trusted Ownership” which introduces dynamic whitelisting and removes the need to manage a physical list of good applications.
Trusted ownership prevents the user accidentally clicking on an email attachment or executing files they are not allowed to. It also prevents things like fileless malware running within an office document as an example.
Trusted ownership also allows you IT team to rollout new applications or updates to existing applications without having to make changes to a whitelist and distribute to all your clients.
In an ideal, watertight cyber-secure world, specific applications wouldn’t be allowed to run at all. Flash-based and Java-based apps, Office Visual Basic macros, and even some PDF viewers represent risks.
However, the reality is that business-critical functions are often carried out on just this type of platform.
It’s essential, therefore, that these platforms not only receive patches to bring them up to the latest (or most secure) versions but that patching becomes part of cybersecurity policy.
Ivanti’s patch management solutions will not only patch security risk applications such as Flash, but will also keep them up to date, as new vulnerabilities become known.
Microsoft Office Macros
Office files from outside your organization are a risk – but their ubiquity means that inside the workplace, entire business functions can hinge on an Excel-based “app” or a Visual Basic macro in a Word document.
Ivanti’s cybersecurity solutions ensure that only vetted macros, or macros which have been appropriately signed by a reputable certificate authority can be used, at any time, on the company network.
User Application Hardening
Software manufacturers add features and capabilities with each new release – it’s part of the upgrade cycle, and it’s driven by reasons of economics, not for cybersecurity purposes.
Many of the “features” will never be used but can be exploited by hackers to gain access to users’ desktops.
With Ivanti, you can block browsers across the enterprise from using Flash or Java on the internet.
Microsoft OLE and certain PDF viewers can also be prevented from running at all – depending on use patterns determined by business priorities, set by you.
Restriction of Administration Privileges
Access to the base layers of operating systems and applications just isn’t necessary for most users. Ivanti allows you to assign the right level of permission for that user to do their job.
It gives end users elevated rights to specific things like installing printer drivers and can also de-elevate your administrators on certain items that you don’t want them to do, while keeping all their other administrative duties intact.
Ivanti also allows users to do ‘self-elevation’ which gives them the opportunity to run certain things with administrative rights after getting justification from the user and provide full auditing.
Patch Operating Systems
If your organization is running applications on older OSes such as Windows XP (these instances should become apparent during an IT audit), then perhaps it’s time to move these functions onto new platforms.
Unsupported operating systems present a serious security issue, and even OSes which remain in support phases by the manufacturer require updating as and when new versions appear.
While more substantial updates will require sandboxing and testing before widespread enterprise deployment, smaller stepwise point updates are usually released due to emerging security issues.
Ivanti allows your organisation to deploy patches to Windows, Linux and Mac operating systems and also to virtual environments including templates and offline machines.
Use Multi-Factor Authentication
In the case of a data compromise, simple passwords are no longer enough protection.
Instead, multifactor authentication, such as login intention confirmation from a second device, should be implemented especially for high-risk access to the protected network, such as SSH, RDP or VPNs.
Modern password managers have made access to secure areas perhaps more straightforward than it should be, and the loss of a master password can give an attacker the complete set of “keys to the castle.”
Disaster recovery takes many forms, and the basis of all of them is a backup routine which is proven to be able to remediate against data breach and loss.
DR practice should take place at least annually, with documentation of steps taken, and any change of IT topology should trigger a fresh round of recovery re-assessment and practice.
With sage advice and the technology at hand, Ivanti’s solutions can make the difference between data loss being a disaster to it being just a temporary “blip.”
While many cybersecurity vendors can offer partial security coverage of the ASD’s top four strategies for cyber protection, only Ivanti offers all the Essential Eight – all from a single supplier.
Swinburne University of Technology’s Chief Information Security Officer, Steven Cvetkovich chose Ivanti not only on the strength of its solutions but also on the company being a trusted advisor to customers.
“They’re very focused on the customer as opposed to the sale,” he said, “their unified IT approach ensured we could go through a seamless change management process and quickly define a best-practice approach for achieving the necessary transformation.”
To read more about Ivanti’s protection prowess and get in touch with a representative able to talk to you about your organization’s cybersecurity, click here.
- Rethink the hybrid cloud, and accelerate your aspirations, with NTT Communications
- Leading from the front: your people and your cybersecurity systems
- The importance of data protection and operational governance for enterprise
- Watson intelligence provides customer care, now and for the future
- Unlocking the true value of digital transformation across ANZ