Essential Eight
NinjaOne helps organizations improve their cybersecurity maturity as defined in the Australian Cyber Security Centre’s Essential Eight cybersecurity framework.
Mitigation Strategies to Limit the Extent of Cyber Security Incidents
Patch Operating Systems
Ensure all endpoints are using the latest version of the appropriate operating system and don’t use unsupported versions. Patch endpoint operating systems to mitigate cybersecurity risk. Patch endpoints with ‘extreme risk’ vulnerabilities within 48 hours.
How Ninja Helps
NinjaOne automates patching for Windows, Mac, and Linux endpoints. Patch scanning and deployment schedules are distinct, allowing for daily, weekly, or monthly patch scanning and deployment. Ninja gives full control over patch approval, rejection, and deployment by patch category and criticality.
Ninja also gives full visibility into patching activity, including failures, to ensure you can effectively report on patch compliance.
Mitigation Strategies to Prevent Malware Delivery & Execution
Patch Applications
Ensure the use of the latest versions of applications. Patch applications (e.g. Flash, Java, Chrome, Microsoft Office, etc) to mitigate cybersecurity risk. Patch endpoints with ‘extreme risk’ vulnerabilities within 48 hours.
How Ninja Helps
NinjaOne automates patching for over one hundred fourty common applications. Patch scanning and deployment schedules are distinct, allowing for daily, weekly, or monthly patch scanning and deployment. Patches for unsupported applications can also be deployed via custom script and remote access tools.
Ninja also gives full visibility into patching activitiy, including failures, to ensure you can effectively report on patch compliance.
Mitigation Strategies to Recover Data and System Availability
Daily Backups
Require backup of important new / changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
How Ninja Helps
NinjaOne provides a fully-integrated data protection solution built for server and endpoint workflows. Data can be stored locally, in the cloud, or both to ensure your data protection needs are met. Users get full control over retention policies, allowing for three months or longer data retention.
Mitigation strategies Ninja may support through custom development
Restrict Administrative Privileges
Restrict privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
Ninja supports least privileged access through:
- Management of local and domain-user group membership via scripts
- Monitoring and alerting for changes in security group membership
Multi-factor Authentication
Require MFA for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.
NinjaOne requires multifactor authentication for access to the management console and related capabilites either via Ninja’s built-in MFA or via SSO through integrated IDPs.
Ninja also requires MFA to complete security-critical actions like managing users or deploying scripts.
Ninja can also be used to automate the deployment of agent-based IDP solutions to enforce MFA on endpoints.
Application Control
Prevent execution of unapproved or malicious programs including .exe, DLL, scripts, and installers.
Ninja supports least privileged access through:
- Active monitoring of application installation or removal
- Management of local and domain-user group membership
- Mass-deployment and monitoring of application control software
User Application Hardening
Configure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
NinjaOne supports user application hardening via:
- Directly changing application settings via remote access
- Silently changing application settings via remote terminal, file explorer, and registry editor
- Mass deploying custom scripts to change application settings
- Mass uninstall unnecessary or unwanted applications
Microsoft Office Macro Settings
Configure settings to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
NinjaOne supports disabling Microsoft Office macros via:
- Directly disabling macros via remote access
- Silently disabling macros via remote registry
- Mass deploying a script to configure macro settings
Get 5 bite-sized ways to grow your business or career every week!