Australia releases cloud security guides for SMBs

1 year ago 123
BOOK THIS SPACE FOR AD
ARTICLE AD

Australia has released a series of guides it says are designed to help small and midsize businesses (SMBs) safeguard their cloud environments and against common cybersecurity incidents. These include technical guidelines for multi-factor authentication and patch management. 

The Australian Cyber Security Centre (ACSC) on Friday said it had developed the Small Business Cloud Security Guides in recognition that SMBs might not have the resources to understand the complexities of operating online or responding to potential cyber risks. 

The government agency said the guides would help these businesses understand such risks as well as how to work with managed service providers or their own IT teams to ensure a robust cyber hygiene. 

The cloud security guides were developed with Microsoft, said ACSC's head Abigail Bradshaw, who added that working with both public and private organisations helped establish Australia as "a hard target" for cybercriminals. 

The government agency said it received more than 76,000 cybercrime reports in the past year, which translated to one in every 7 minutes. 

Alexi Boyd, CEO of Australia's Council of Small Business Organisations, noted: "A cybercrime can be devastating and can cause significant financial loss for a small business. On average, cyber incidents cost small businesses over $39,000. These guides are designed to help businesses secure their systems and data."

The SMB guides highlight the "Essential Eight" principles to secure environments using Microsoft 365, but are not designed to help organisations reach "a particular maturity level", said ACSC. The guides include technical examples of multi-factor authentication, patch management, and application control. 

The documents are developed for SMBs using Microsoft 365 as a SaaS (software-as-a-service), with devices configured with Microsoft Intune. The technical guides also use low cost or free solutions where possible, though, many security configuration options are not available in entry-level Microsoft 365 subscriptions, according to ACSC.

To adopt the technical examples, organisations will need subscriptions to Microsoft 365 Business Premium or the equivalent.

RELATED COVERAGE

Australia sees rise in cybercrimes on back of 'destructive' ransomware, state actorsAustralia beefs up scrutiny of Medibank following data breach
Australia seeks stiffer penalty for data breaches amidst spate of security incidentsAustralia moots changes to privacy laws after Optus data breachAustralia government wants Optus to pay for data breach
Editorial standards
Read Entire Article