Call: 1300 422 542

Calibre 1 Essential 8 Series: Multi-factor Authentication (MFA) Part 2

MFA

Calibre 1 Essential 8 Series: Multi-factor Authentication (MFA) Part 2

See our previous blog for Part 1: Maturity Level 1

 

Maturity Level 2 (ML2)

Points 1-4 from ML1 continue to apply at all maturity levels of the Essential 8 and so will not be mentioned again.  The differences at ML2 lie within the points 5, 7 and 8

  1. “Multi-factor authentication is used to authenticate privileged users of systems.”
  2. “Multi-factor authentication uses either: something users have and something users know, or something users have that is unlocked by something users know or are.”
  3. “Successful and unsuccessful multi-factor authentications are logged.”

 

5.      Multi-factor authentication is used to authenticate privileged users of systems.

This one here is a little complex in that it refers to another of the Essential 8 – Restrict Administrative Privileges.  Users that manage systems, should require a separate account to log into those systems, in addition, those privileged systems are separate from unprivileged operating environments.  With that in mind, to access those privileged systems, the user needs to use MFA to gain access.  Calibre 1 Managed Service clients are all treated in this way by C1 staff, however this may require some internal policy and procedure changes to implement fully.

 

7.      Multi-factor authentication uses either: something users have and something users know, or something users have that is unlocked by something users know or are.

Relatively simple, this refers to the requirement for a Password, and a fob token, or as is more common these days in a mobile first world, a Mobile Phone and application that requires Biometrics to unlock – or pin code to unlock.  C1 recommend the use of Microsoft Authenticator with a Biometrically enabled smart phone, such as an iPhone or Android device.

8.      Successful and unsuccessful multi-factor authentications are logged.

A core function of the Essential 8 and of security practice, important interactions with systems are logged.  Calibre One recommend the use of Sysmon which is a freely available Microsoft tool, and AuditD for Linux based systems, that can capture this information and log it locally – configuration files that can be supplied to these can be found at Florian Roth’s GitHub, which present a great foundational configuration for these logs – link in the references section.  Network Switches, Routers and Firewalls can also be configured to capture this information in Syslog.

 

See Previous Blog for Maturity 1

Join us for Maturity 3 in our next blog!

 

*Google product shown

Share This Post
Share on facebook
Share on linkedin
Share on twitter
Share on email
Subscribe To Our Newsletter
Name*
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

More To Explore

In The Media

2 Great Companies Come Together

A sign of further consolidation in the Australian ICT channel as Brisbane’s Azentro buys Adelaide’s Calibre One. The enlarged group, with combined sales of $A35m

Read More »

Find out what our team can do for your business.

Let us know how we can help

Contact Us
Name*
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.