Critical controls
For each control we provide a page summarising the intent and success measures for decision makers. We have a separate page providing implementation advice for practitioners.
Each year, we review our critical controls against the incidents we have seen over the past 12 months. When correctly implemented, these controls would prevent, detect, or contain the majority of the attacks we’ve seen in the past year.
Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays secure.
Using a combination of authentication security controls can protect your organisation from a wide range of unauthorised access attacks.
Even with multi-factor in place, a strong unique password is still important. Giving your people the tools to make this easy increases the likelihood of them using strong passwords that are different for each system. It also makes it easier to manage shared passwords such as your business’ social media accounts.
Storing and securing your logs in a central place makes log analysis and alerting easier.
Unused or older services and protocols often have their own vulnerabilities. Proactively scan your network for any that are not used or vulnerable, and disable them.
Tracking assets throughout their lifecycle allows your organisation to securely carry out system hardening, patching and asset decommissioning.
Application whitelisting is a method of strictly controlling what programs can be run in your environment.
The principle of least privilege means only having the access you need to do your job.
When paired together, segmentation and separation can add an additional level of access control and security to your network, systems, and data.
While macros have a valid business function, they are often used by attackers too. Using secure default configurations will help protect your machine against malicious macros.