Our experienced professionals and strategic services exist to solve the critical issues facing our clients.

 

Cyber Security.

The last thing you need is for hackers to break into your website and steal your passwords, credit card information, or worse. Statera provides cyber security consulting to keep your business safe.

 

Systems Engineering.

We have a mission to protect your network from cyber-attacks and ensure that your data stays protected. Our framework accesses risks and vulnerabilities, mitigating them with best practice strategies and ensuring compliance.

 

Project Management.

Our Cybersecurity experts manage and reduce vulnerabilities that could be exploited by hackers. Let us show you how to secure your private data, mitigate risks and help your organisation thrive.

 

Platform Solutions.

Cyber Attacks are becoming more prevalent with data breaches all too common. Statera Consulting can help you protect your data by providing comprehensive on-premises and cloud security solutions.

 
 

“Results that exceed expectation”

The Essential 8

Organisations are recommended to implement eight essential mitigation strategies from the Australian Cyber Security Centre (ACSC). This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise your system.

 

  • Prevent the execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell, and HTA), and installers. All non-approved applications (including malicious code) are prevented from executing.

  • Flash, web browsers, Microsoft Office, Java, and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications. Security vulnerabilities in applications can be used to execute malicious code on systems.

  • Blocking macros from the internet, and only allowing vetted macros with limited write access or digitally signed with a trusted certificate reduces the delivery and execution of malicious code on systems.

  • Configure web browsers to block Flash (ideally uninstall it), ads, and Java on the internet. Disable unnecessary features in Microsoft Office (e.g. OLE), web browsers, and PDF viewers as these are popular ways to deliver and execute malicious code.

  • Set up operating systems and applications based on user duties. Regularly revalidate the need for privileges. User names and passwords with full admin privilege could be used to gain full access to information and systems.

  • Patching computers with vulnerabilities and using the latest operating system version eliminates known vulnerabilities that can be exploited.

  • The use of VPNs, RDP, SSH, and other remote access for all users when they perform a privileged action or access important data.

    Stronger user authentication makes it harder for unauthorised persons to access sensitive information and systems.

  • Daily back-ups of important data, software and configuration settings should be stored for at least three months.

    Testing restoration processes initially, annually, and when IT infrastructure changes.

    This allows access to data and restoring access following any potential attack.

 

Resources and Further Reading