ACSC publishes secure administration guide
The Australian Cyber Security Centre has published a new guide designed to help organisations protect network and system assets against cyberthreats.
The Secure Administration guidebook details methods of protecting accounts with privileged network access to ensure hackers do not gain access to the “keys to the kingdom”.
The report states that the goals of an attacker are far easier to achieve when privileged network or system access has been attained.
Obtaining privileged access enables wider malware propagation, more intrusive access, access to sensitive data stores and insight into detection and cybersecurity response activities.
Privileged access was abused in the majority of cases involving compromises of Australian government networks investigated by the Australian Signals Directorate’s Incident Response team, the report stated. The method was also involved in major incidents including the high-profile Sony Pictures hack of last year.
According to the report, elements of secure administration can include privileged access control, multifactor authentication, privileged workstations in secure environments, logging and auditing, network segmentation or segregation and the use of jump boxes, or hardened remote access servers.
The report also details a number of unique considerations involved in secure administration of cloud-based networks. It also offers further reading including additional guides and Microsoft’s best practice recommendations.
Emergency onboarding: what to do before and after a data breach
Organisations that have an emergency onboarding plan are better positioned to have their business...
Savvy directors are demanding more points of proof when cyber incidents occur
Pre-agreement on what a post-incident forensics effort should produce — and testing it out...
Cyber-attack prevention is better than a cure
Corporate and political decision-makers need to invest in areas that do a better job of...
