Compu-Stor Cybersecurity

Understanding the Essential 8: A Cybersecurity Foundation for businesses of all sizes

In an era of increasingly sophisticated and pervasive cyber threats, organisations must adopt robust cybersecurity measures to safeguard their digital assets. The Australian Cyber Security Centre (ACSC) has developed a set of foundational strategies known as the Essential Eight to help organisations mitigate cybersecurity incidents effectively.

The Australian Cyber Security Centre (ACSC) has mandated the implementation of the Essential Eight Mitigation Strategies for the mitigation of targeted cyber intrusions. This applies to Federal Government Agencies and Non-corporate Commonwealth Entities (NCEs). The ACSC strongly recommends that businesses of all sizes adopt these strategies.

What is the Essential 8?

The Essential 8 is a baseline set of mitigation strategies recommended by the ACSC to enhance the cyber resilience of Australian organisations. The strategies were originally published in 2017 as an evolution of the Australian Signals Directorate’s Strategies to Mitigate Cyber Security Incidents. They are reviewed periodically and focus on bolstering defences against common cyber threats and making it significantly harder for adversaries to compromise systems.

The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies, in the form of the Strategies to Mitigate Cyber Security Incidents, to help organisations protect themselves against various cyber threats. The most effective of these mitigation strategies are the ACSC Essential 8. The Essential Eight is part of the broader strategies to mitigate cyber security incidents and includes the following:

  1. Application Control: Ensures only approved applications can execute on a network, preventing malicious software from running.

  2. Patch Applications: Regularly updates software to protect against known vulnerabilities.

  3. Configure Microsoft Office Macro Settings: Restricts the execution of macros to prevent malicious code from compromising systems.

  4. User Application Hardening: Disables unnecessary features in applications to reduce attack surfaces.

  5. Restrict Administrative Privileges: Limits administrative access to essential personnel to minimise the risk of privilege escalation.

  6. Patch Operating Systems: Keeps operating systems up-to-date to defend against known security flaws.

  7. Multi-Factor Authentication (MFA): Requires multiple forms of verification to strengthen user authentication, including on third-party platforms such as Compu-Stor.

  8. Regular Backups: Ensures that data is backed up regularly to enable recovery in case of a cyber incident.

Visit the ASD’s page for more information: Strategies to Mitigate Cyber Security Incidents (Cyber.gov.au)

Why is the Essential 8 Important for Cybersecurity?

Cybersecurity is a multifaceted challenge, and no single strategy can provide complete protection. Implementing the Essential 8 cyber security measures offers several key benefits:

  • Enhanced Security Posture: By addressing common attack vectors, these strategies significantly strengthen an organisation’s cybersecurity defences.
  • Baseline Protection: The ACSC Essential 8 serves as a foundational layer of security, providing a baseline that organisations can build upon.
  • Cost-Effective: Implementing these strategies can prevent costly cyber incidents, reducing potential financial and reputational damage.
  • Regulatory Compliance: Adopting the Essential Eight helps organisations comply with cybersecurity regulations and standards.

How to Implement the Essential Eight Effectively

Successful implementation of the ACSC Essential 8 requires a structured approach. Here are some steps organisations can follow:

  1. Conduct a Risk Assessment: Begin with a comprehensive risk assessment to understand your organisation’s specific vulnerabilities and threat landscape.

  2. Gauge Your Maturity Level: Use the Essential Eight Maturity Model to evaluate your current cybersecurity posture and identify gaps in your defences.

  3. Prioritise Implementation: Based on your assessment, prioritise the implementation of the Essential Eight strategies, focusing on the most critical areas first.

  4. Develop an Implementation Plan: Create a clear plan, assigning responsibilities and setting timelines for each strategy.

  5. Regular Reviews and Updates: Cyber threats are constantly evolving. Regularly review and update your cybersecurity measures to ensure they remain effective.

  6. Engage Cybersecurity Experts: Consider consulting with cybersecurity experts for advice and support in implementing the Essential 8 effectively.

  7. Staff Training: Provide ongoing cybersecurity awareness training for all staff, ensuring they understand their role in maintaining a secure environment.

This blog by Essential 8 Compliance outlines the top 11 recommended compliance companies: Top 11 Essential 8 Compliance Companies (Essential 8 Compliance)

Conclusion

Implementing the Essential 8 is a crucial step for Australian organisations looking to enhance their cybersecurity resilience. By adopting these foundational strategies, businesses can protect themselves against common cyber threats and build a robust security posture.

For those beginning their journey in cybersecurity, following the Essential Eight provides a solid framework to safeguard digital assets, ensure regulatory compliance, and minimise the risk of costly cyber incidents.

 

How can we help?

At Compu-Stor we hold a lot of data belonging to our customers in our Complete Information Management System (CIMS), which manages electronic documents and business records stored in our secure and compliant records management warehouse. Security is of the utmost priority, and we are continuously investing in new ways to protect your data. We are excited to introduce three new Multifactor Authentication options to our CIMS Essential package designed to provide you with greater protection and ensure businesses striving for IT Security Essential Eight maturity are compliant.

1. Microsoft Azure/OKTA Authenticator Integration:

Customers utilising Microsoft Azure or OKTA Authenticator can now integrate it with their CIMS account. This means you can use the same reliable and secure authentication method you’re familiar with from other services such as Windows or email. In this instance, Compu-Stor is no longer required to store customer passwords, as authentication is managed via Azure or OKTA.


2. Multi-Factor Authentication (MFA):

Customers not currently using Azure can still benefit from enhanced security with our new MFA feature. Our MFA feature adds another layer of protection by requiring multiple forms of verification before granting access to your account, for example, via an authenticator app. This significantly reduces the risk of unauthorised access, even if your password is compromised.

For more information about our CIMS Essential package, visit our website: Elevate Records Management with CIMS Essential (compu-stor.com.au)

Contact us today to discuss how we can help you on 1300 559 778.