Area | Control | SMB1001 Tier 3 | SMB1001 Tier 6 | Essential 8 Maturity Level 1 |
---|---|---|---|---|
Technology Management | Technical Support Specialist | plus add a SLA with MSP | ||
Firewall | ||||
Anti Virus Software | ||||
Devices Patched | ||||
TLS / SSL Certificate on Website | ||||
Servers Patched | Includes online services and vendor mitigations. Includes internal Office Suites | |||
Scan Websites for Vulnerabilities | Vuln Scanner on internal and External Assets, inc Email, Browsers, Office Suites etc | |||
Data Encrypted At Rest | ||||
Application Control | Including on Workstations. Restricts Access to Excecutables etc | |||
Disable Microsoft Office Macros | can be disabled with notification | Except where demonstrated business Environment. With AV Scanning | ||
Conduct Penetration, Vulnerability and Social Engineering Testing |
| |||
Remove Online Services No Longer In Use | ||||
Remove OS that are no longer supported by Vendors | ||||
Browser Hardening | No IE11, No Java, No Web Ads. | |||
Education and Training | Cybersecurity Training | more involved | ||
Access Management | Change Passwords Routinely | |||
No Admin Access | Validate Requests for Access. Separate Account solely for Admin Usage. Privileged Users Internet Access Restricted. Separate Operating Environments | |||
Individual User Accounts | ||||
Password Manager | ||||
MFA on Email | no text, email or voice | All Organisation Online Services | ||
MFA on Business Applications and Social Media | no text, email or voice | All Third Party Online Services | ||
RDP over VPN | ||||
Remote Access Cloud Credentials Management | including setting up SSO and IAM | |||
MFA for Digital Data | all important digital data no text, email or voice | |||
MFA on VPNs | no text, email or voice | |||
MFA on RDP | no text, email or voice | |||
Backup and Recovery | Backup and Recovery | more involved, including testing | ||
Business Cyber Insurance | ||||
Policies, Processes and Plans | Digital Asset Register | more details | Automated Asset Discovery | |
Confidentiality Agreement for Employees | ||||
Invoice Fraud Policy | ||||
Visitor Register | ||||
Cybersecurity Policy | ||||
Incident Response Plan | including testing and more details | |||
Secure Physical Document Destruction | ||||
Secure Device Disposal | ||||
Digital Trust Program for Suppliers |
| |||
Police Checks for Employees with Admin Access |
General
Content
Integrations
0 Comments