ACSC Essential Eight Uplift Services
1. Application Control
We implement allowlisting using Microsoft Defender Application Control (WDAC) and AppLocker, ensuring only approved applications are permitted.
2. Patch Applications
We automate patching with Microsoft Intune and Defender Vulnerability Management to address known application vulnerabilities.
3. MS Office Macro Settings
We configure Microsoft 365 and Group Policy to disable untrusted macros and reduce risk from embedded code.
4. User Application Hardening
Harden browsers, PDF readers and Office apps with baseline policies, reducing attack surface for common exploits.
5. Restrict Admin Privileges
Use Entra ID roles, Just-in-Time access, and Privileged Identity Management to control administrative privileges.
6. Patch Operating Systems
Automate Windows/Linux OS patching with compliance reporting for visibility and assurance across all assets.
7. Multi-Factor Authentication
Enforce MFA using Entra ID for all users and applications to block credential theft and phishing attacks.
8. Regular Backups
Implement immutable, encrypted backups with DR testing across hybrid environments for fast, secure recovery.
