
Essential 8. This is by the Australian Government and covers the things to start with first.

5 Knows. This is a really good basic framework.

Basics

Know about this stuff:

  • Passwords

  • Phishing

  • Data Storage

  • Sharing Data

  • PCI Compliance

  • Access restriction

  • Principle of least privilege 

  • Alerts for data changes

    • eg Email employee if their bank details change on the payroll system

      • Visibility

      • Logs 

  • Protecting emails - eg having rules in place for money transfers, to guard against email hacking.

  • SPF / DMARC / DKIM

Pre-Steps

  • Don’t even start with these steps unless your Business Email and Document storage is in the cloud. I don’t care if it’s Microsoft 365 or GSuite, just get it.

    • If you don’t like OneDrive or Google Drive for all your documents (I use highly complex Word Documents and I don’t trust either cloud service to not stuff them up), then get Dropbox (Pro or Business) or Box.

First Steps

  • Get a Password Manager

    • 1Password Business or LastPass Enterprise. I don’t care which one, just get it.

  • Use your Password Manager

    • Every single business login needs to be in there.

    • Anything shared with your team or outside your team is only shared via the app.

    • I have both so my clients can share passwords with me via their app of choice.

  • Turn on 2 Factor Authentication for everything.

    • DO THIS NOW!

    • Yes, every app your business touches.

      • Eg Xero (now mandatory), Microsoft 365, GSuite, Salesforce, Unleashed, Quickbooks, Twitter, Facebook

    • I like Authy, but it’s probably easiest to use the token generator in 1Password or LastPass. I would not use Microsoft- or Salesforce-specific ones unless needed (eg Salesforce needs to use theirs for Lightning Login).

    • I use a Yubikey for my most sensitive accounts - eg my GSuite, my M365, my Windows laptop, and my Salesforce.

  • Ensure the basics of Virus Protection, Malware Protection and Ransomware protection are on your devices.

    • Yes, that includes your Macs. Don’t risk your business on the myth that “Macs don’t get viruses”.

    • I use Microsoft Defender.

  • Your laptop does have a secure login, doesn’t it?

    • I use Windows Hello but also have my Microsoft login behind MFA using a Yubikey device.

  • Your phone does have a secure login, doesn’t it?

    • I use Android fingerprint login.

Next Steps

  • Getting Started with Microsoft 365 Business security features
