Data has never been more valuable — or more vulnerable — than it is right now. As cyber threats continue to rise, here’s how complying with the Essential Eight reduces risk for your organisation. Reduce risk and respond to threats with smart cyber security strategies. Understand how Essential Eight compliance protects your data.

---

What is the Essential Eight?

Developed by the Australian Signals Directorate (ASD), the Essential Eight is a set of mitigation strategies to protect organisations from cyber attack and security threats. The strategies cover prevention, minimisation, and recovery. They can be customised based on your organisation’s risk profile and level of threat.

The strategies are designed to:

• prevent cyber attacks
• limit impact from cyber attacks
• support data and systems recovery after a breach or natural disaster.

---

The Essential Eight strategies

Mitigation strategies to prevent malware delivery and execution

Mitigation strategies to limit the extent of cyber security incidents

Mitigation strategies to recover data and system availability

---

Maturity levels explained

Organisations face different threat levels depending on their size and sector. Three levels of maturity apply to each Essential Eight mitigation strategy:

Maturity Level One: partly aligned with the intent of the mitigation strategy
Maturity Level Two: mostly aligned with the intent of the mitigation strategy
Maturity Level Three: fully aligned with the intent of the mitigation strategy

Every mitigation strategy may not apply in every instance — but organisations should aim for Maturity Level Three to provide optimum protection for systems and data.

Every organisation should have a data protection strategy in place from their first day of operation. From natural disasters to cyber security incidents, no business is immune.

---

How Cohesity complies with the Essential Eight

Cohesity delivers Maturity Level Three coverage for one of the Essential Eight strategies, limiting risk and enabling recovery.

• Daily backups

Cohesity also provides compliance for three of the Essential Eight strategies, further limiting risk and enabling organisations to meet greater strategy compliance requirements.

• Patch operating systems
• Restrict administrative privileges
• Multi-factor authentication

Patch operating systems

Instead of separately patching and maintaining backup software, servers and staggered storage,  Cohesity provides a clustered solution — patching can be done one node at a time to prevent service interruption. With one click, you can patch on demand to ensure your systems are running the latest code without the risk of bringing the entire system down.

Restrict administrative privileges

Cohesity provides an out-of-the-box secure mechanism for storing and accessing data. Data is stored encrypted at rest, and is encrypted in-flight regardless of whether it’s on-premises or in the cloud. Granular access controls are used to restrict access to content within the platform and external authentication providers can be leveraged for an extra layer of protection.

Multi-factor authentication

By standardising and consolidating access to data, Cohesity makes it easier to use multi-factor authentication (MFA) for greater control. Providing support to external authentication providers for single sign-on or multi-factor authentication, Cohesity provides a single platform to simplify compliance.

Data backups for ransomware protection

In most legacy systems, a ransomware attack can render backup data useless. Cohesity writes backup data to internally accessible storage — it can’t be encrypted by a threat and is always available for data recovery. The platform makes it easy to identify metadata anomalies that may signal a ransomware attack.

Achieve Essential Eight compliance with Cohesity

Protect your data and achieve Essential Eight compliance with Cohesity’s consolidated data protection solution.

---