Create your strategy for the Essential Eight with Cisco Duo to improve your security posture. The Essential Eight is a prioritised list of core mitigation strategies developed by the Australian Cyber Security Centre (ACSC) to assist organisations in protecting their systems against a range of attacks. The Australian Signals Directorate (ASD) considers the Essential Eight one of the most effective defence strategies against cybercriminals for all organisations.
This list of strategies makes it much harder for hackers to compromise systems. Implementing the Essential Eight proactively can also be more cost-effective in terms of time, money and effort than having to respond to a large-scale cyber security incident. The strategy focuses on three key areas of cyber security:
- Preventing attacks
- Limiting the extent of attacks
- Data recovery and system availability
By targeting these three crucial areas, the ASD discovered that the Essential Eight mitigates about 85% of all targeted cyber-attacks. The Essential Eight cybersecurity controls fall within these broader categories.
Strategies to prevent attacks
Application control
Prevents execution of unapproved/malicious programs, including .exe files, DLLs and scripts.
Why: Prevents all non-approved applications (including malicious code) from executing.
Patch Applications (Flash, web browsers, Java, etc.)
Security vulnerabilities in applications can be used to execute malicious code on your systems. Be sure to patch/mitigate computers with ‘extreme risk’ vulnerabilities and use the latest version of applications.
Why: Security vulnerabilities in applications can be used to execute malicious code on systems.
Patch Applications with Duo
Duo can easily identify when users are trying to access corporate resources from an out-of-date web browser. Policies can be set to remind users to self-remediate and update their browser. When needed, Duo can block resource access until a user has updated their browser.
Configure Microsoft Office macros settings
Macros can be used to deliver and execute malicious code. Configuring your macro settings will block macros from the internet and only allow vetted macros in ‘trusted locations’.
Why: Microsoft Office macros can be used to deliver and execute malicious code on systems.
User application hardening
Flash, ads and Java are popular ways to deliver and execute malicious code. Configure your web browsers to block these on the internet and disable unneeded features in Microsoft Office and web browsers.
Why: Flash, ads and Java are common ways to deliver and execute malicious code on systems.
User Application Hardening with Duo
Duo can set application policy based on the presence of Java or Flash. Duo can also block access for all versions of Java or Flash, or limit access to the most recent versions. If users attempt to access resources and older versions of Flash or Java are detected, Duo can prompt them to update the plugin before they are granted access.
Strategies to limit the extent of cyber security attacks
Restrict administrative privileges
Admin accounts are key to gaining full access to information, operating systems and applications. Regularly revalidate the need for privileges on different accounts.
Why: Admin accounts are key accounts. Hackers use these accounts to gain full access to information and systems.
Patch operating systems
Security vulnerabilities in operating systems can be used to further the compromise of systems. Patch/mitigate computers with ‘extreme risk’ vulnerabilities and use the latest operating system version.
Why: Security vulnerabilities in operating systems can be used to further the compromise of systems.
Patch Operating Systems with Duo
Duo can detect when an end user is accessing resources on a device that is running an out-of-date operating system. Whether a laptop or mobile device, corporate-owned or BYOD, Duo can inform the employee to update their operating system. In the case of access to business-critical resources, Duo can block employees if they have not yet updated to the current version of an operating system.
Multi-factor authentication (MFA)
Stronger user authentication makes it harder for hackers to access sensitive information and systems. It is important to enable MFA so only the right users can access important data.
Why: Stronger user authentication makes it harder for hackers to access sensitive information and systems.
Strategies to recover data and system availability
Daily backups
To ensure information can be accessed following cyber security incidents, it is important to back up new/changed data, software and configuration settings.
Why: Ensures information can be accessed following a cyber security incident (e.g. a ransomware incident).
Duo Security is part of Cisco SASE integration
Zero Trust Network Access (ZTNA): Cisco Secure Access by Duo. Cisco Secure Access by Duo offers a comprehensive ZTNA solution to secure all access across your organisation’s applications and environment. ZTNA revolves around the concept of eliminating trust in your organisation’s network. A ZTNA model considers all resources to be external and continuously verifies trust before granting only the required access. With Duo, you can implement zero trust in your workplace by verifying the identity of users and health of devices across each access attempt. This helps prevent any unauthorised lateral movement through your environment and protects your network against compromised credentials and risky devices, as well as unwanted access to your applications and data.
Leader in Zero Trust. Cisco is a leader in Forrester’s Wave on Zero Trust two years running.
Duo offers capabilities such as:
- Simple and effective Multi-Factor Authentication (MFA)
- Complete device visibility within your organisation
- Adaptive policies
- Remote access with or without VPN
- Single Sign-On (SSO) for any and every application.
Benefits of Duo capabilities in SASE
- Establish user and device trust in every access request, no matter where it comes from
- Secure access across your applications and network
- Extend trust to support a modern enterprise across the distributed network
- Deploy rapid security protection across on-premises, cloud, remote access, and VPN in a matter of hours and days, not weeks
- Save time and costs by centralizing access security while reducing administrator management and help desk tickets.
Start your free trial of Cisco Duo
Begin your journey to comply with the Essential Eight with Cisco Duo. Your 30-day trial includes all the functionality of Duo’s Access Edition — multi-factor authentication, deep device insights, adaptive policies, single sign-on and more — so you can:
- Protect logins with two-factor authentication and easily enrol and manage users
- Get an overview of device security hygiene
- Protect on-premises apps and federated cloud apps
- Provide single sign-on (SSO) for cloud applications
- Enforce role-based access policies
- Monitor and identify risky devices
- Control what endpoints can access apps based on device hygiene
- Automatically encourage users to update their own devices.
To extend your 30-day free trial to a 60-day free trial, reach out to the Outcomex team.
Contact us to learn more about Essential Eight with Cisco Duo.
We are proud to offer Cisco Duo to our clients, and have a history of successful Duo deployments. Reach out to us for more information on Essential Eight with Cisco Duo. Read more about our Cyber Security capabilities.
Outcomex is a Cisco Gold partner with Master Security Specialisation and was awarded Cisco 2020 APJC Technology Excellence Partner of the Year: Security. We are recurring winners of Cisco’s ANZ Security Partner of the Year with awards in 2016, 2019 and 2020.