Employee device management is key to Essential Eight maturity levels

Originally featured in Enterprise IT World on 20 May, 2022.

The Essential Eight is a set of guidelines to assist government agencies and businesses to bolster cybersecurity defences. In parallel with the evolution of the Essential Eight, there has been an increased focus on compliance, particularly in critical industries. A key pillar of robust cybersecurity is rigourorus end-user device management. Attacks on endpoint devices are one of the most commonly exploited vulnerabilities for Australian organisations with more than two-thirds of cyber attacks originating from breaches to employee devices.

The challenge for many organisations is understanding where they currently are in Essential Eight maturity and how to uplift it quickly. Level One of the Essential Eight maturity model gives businesses solid protection against threat actors who leverage commodity malware, known vulnerabilities, publicly available exploits and methods that are widely available.

Moving up to maturity Level Two should be considered by taking a risk-based approach unless mandated in your industry. When you achieve this level, adversaries need to step up their efforts and invest more time and resources to carry out a successful attack. They need to be more targeted in their attacks and methods and will often rely on social engineering techniques to trick users into giving them access to systems. It’s possible to boost your maturity from Level Zero or One to Level Two on end-user devices in a matter of weeks using automation and zero touch, not the traditional 18 months of complex IT programs.

At its heart, the Essential Eight is about establishing and managing a set of security controls that make life hard for would-be attackers and minimise the potential damage should an attacker breach your defences. Controlling which applications can run on an endpoint device is important. By only allowing specific programs to execute, the likelihood of rogue and malicious software damage is reduced. End-user device management ensures applications and operating systems are patched quickly and easily with the latest security updates, shielding against threat actors who target unpatched systems.

Application and operating system patches should be installed promptly after their release. Without a robust and reliable end-user device management platform, this can be extremely challenging. In today’s hybrid/remote working environment, we can’t rely on users coming into a central office and the IT department installing system and software updates. We must leverage automation to install critical security updates wherever users are.

Even patched and endorsed applications can be exploited by motivated threat actors if they are not correctly configured or have excessive privileges. End-user device management tools can ensure the correct settings are applied and maintained, covering everything from the ability to execute macros in tools like Microsoft Office through to ensuring users don’t have unnecessary administrative privileges.

Should the worst happen and a device is compromised, one of the best ways to get the user up and running again is to retrieve their data from a backup. By ensuring that backups are taken regularly and securely stored, preferably on a cloud platform that can be easily accessed from anywhere, recovery from unexpected data loss can be made fast and easy. The backup and recovery processes can both be automated to ensure the data is safe and that recovery time is minimised.

Using reliable automation software to remotely manage end-user devices boosts your Essential Eight maturity level quickly. Modern device management platforms don’t require months of planning to deploy. They can be implemented and help boost your Essential Eight maturity in days rather than months.

If you’d like to talk to a Devicie expert or to see Devicie in action, be sure to book a demo or get in touch.

Related resources

Workplace Ninja Summit highlights day 2

Highlights from the Workplace Ninja Summit, day 2

From a deep dive on Autopilot to a look inside Endpoint Privilege Management, day two of the Workplace Ninja Summit overdelivered in great content.

Read more
Highlights from the Workplace Ninja Summit

Highlights from the Workplace Ninja Summit

I have just returned from Switzerland where I flew to attend the Workplace Ninja Summit. I’m sharing my highlights from the event.

Read more
TasICT AISA Cyber Conference .

TasICT AISA Cyber Conference – 3 things to get excited by

The TasICT AISA Cyber Conference will be held for the first time on 29 September 2022. Here’s what I’m looking forward to most.

Read more