The ‘Essential 8’, one of the cyber security models recommended by the ASD, is a framework used by many organisations within the critical infrastructure industry. It covers a number of risk areas highlighting the governance recommended and overlays this framework with a model of maturity growth, allowing organisations to continue striving to improve (maturity level 0 to level 3).
Within this model it’s easy to see how a specialist secure file sharing and collaboration platform like Objective Connect can play its part when comparing Connect against the requirements from the Essential 8 security framework. Here's a few ways that Connect supports adherence to the framework:
Application Control: Objective Connect can enforce strict application control policies by ensuring only authorised applications (such as EDRMS) can access and share sensitive data, reducing the risk of malware, and unauthorised software as well as having one source of truth for the information shared.
Patch Applications: As Connect is a cloud platform, the patching process for it ensures that all users are running the latest, most secure versions, which helps mitigate vulnerabilities.
Configure Microsoft Office Macro Settings: Once files are uploaded Objective Connect can prevent the execution of potentially harmful macros by breaking and restricting macro settings within shared documents.
User Application Hardening/Restrict Administrative Privileges: Objective Connect can disable or restrict features that are not necessary for business operations, reducing the attack surface. It does this by enforcing role-based access controls, ensuring that only authorised personnel have administrative privileges, thereby limiting the potential impact of a security breach.
Patch Operating Systems: Objective Connect can integrate with systems directly via API to ensure that operating systems are regularly patched and updated, reducing vulnerabilities.
Multi-Factor Authentication (MFA): Connect supports MFA, adding an extra layer of security to user accounts and shared virtual workspaces making it more difficult for unauthorised users to gain access.
Mandatory Reporting: The average Critical Infrastructure organisation does anywhere between 15 and 20 audits per year. That’s a lot of reporting. Objective Connect is the only application with automated formal workspace reporting so at any time you can report on who did what and when.
Like to know more about the above and how Objective Connect can help you scale for future maturity levels? If the answer is yes, then download the solution overview to:
- Understand where a specialist file sharing and collaboration application like Connect can fit into your risk and governance framework
- Learn what the risks are in external file sharing and collaboration depending on your organisation’s level of information and cyber maturity
- Discover how a specialist application like Connect can make your organisations practices both safer and more efficient