Security Audit

Assisting companies to successfully complete security audits

Granite IT excels in assisting companies to successfully complete security audits by focusing on two critical frameworks: the Essential 8 and the Center for Internet Security (CIS) Controls. These frameworks are designed to enhance cybersecurity resilience and ensure robust defense mechanisms.

Essential 8

Granite IT provides a comprehensive approach to the Essential 8, which is a set of mitigation strategies recommended by the Australian Cyber Security Centre (ACSC) These strategies are:

  1. Application Whitelisting: Granite IT helps in setting up and maintaining a dynamic whitelist to ensure only approved applications can execute on the company’s systems.
  2. Patch Applications: They manage and automate the patching process, ensuring that all applications are up-to-date and vulnerabilities are promptly addressed.
  3. Configure Microsoft Office Macro Settings: By configuring macro settings to block macros from the internet, Granite IT reduces the risk of malware.
  4. User Application Hardening: They assist in hardening user applications to prevent exploitation of common vulnerabilities.
  5. Restrict Administrative Privileges: Granite IT helps in restricting administrative privileges based on user roles, implementing the principle of least privilege.
  6. Patch Operating Systems: They ensure that operating systems are regularly updated with the latest patches.
  7. Multi-Factor Authentication (MFA): Granite IT implements MFA across all critical systems, enhancing the authentication process.
  8. Regular Backups: They establish regular backup procedures and ensure backups are stored securely and tested periodically.

CIS Controls

Granite IT also aligns with the CIS Controls, a globally recognised set of best practices for securing IT systems and data They offer:

  1. Inventory and Control of Hardware Assets: Granite IT ensures accurate tracking and control of all hardware assets.
  2. Inventory and Control of Software Assets: They manage software inventories, ensuring only authorised software is installed.
  3. Continuous Vulnerability Management: Granite IT conducts continuous scans and remediation to keep systems secure.
  4. Controlled Use of Administrative Privileges: They enforce strict control over administrative privileges, reducing the risk of insider threats.
  5. Secure Configuration for Hardware and Software: Granite IT configures hardware and software securely to minimise vulnerabilities.

 

Through these tailored services, Granite IT enables companies to not only meet but exceed security audit requirements, thereby enhancing their overall cybersecurity posture and ensuring compliance with industry standards.

Get In Touch

(08) 6165 4937