Essential Eight

NinjaOne helps organizations improve their cybersecurity maturity as defined in the Australian Cyber Security Centre’s Essential Eight cybersecurity framework.

NinjaOne Dashboard illustration

Mitigation Strategies to Limit the Extent of Cyber Security Incidents

Patch Operating Systems

Ensure all endpoints are using the latest version of the appropriate operating system and don’t use unsupported versions. Patch endpoint operating systems to mitigate cybersecurity risk. Patch endpoints with ‘extreme risk’ vulnerabilities within 48 hours.

How Ninja Helps

NinjaOne automates patching for Windows, Mac, and Linux endpoints. Patch scanning and deployment schedules are distinct, allowing for daily, weekly, or monthly patch scanning and deployment. Ninja gives full control over patch approval, rejection, and deployment by patch category and criticality.

Ninja also gives full visibility into patching activity, including failures, to ensure you can effectively report on patch compliance.

Mitigation Strategies to Prevent Malware Delivery & Execution

Patch Applications

Ensure the use of the latest versions of applications. Patch applications (e.g. Flash, Java, Chrome, Microsoft Office, etc) to mitigate cybersecurity risk. Patch endpoints with ‘extreme risk’ vulnerabilities within 48 hours.

How Ninja Helps

NinjaOne automates patching for over one hundred fourty common applications. Patch scanning and deployment schedules are distinct, allowing for daily, weekly, or monthly patch scanning and deployment. Patches for unsupported applications can also be deployed via custom script and remote access tools.

Ninja also gives full visibility into patching activitiy, including failures, to ensure you can effectively report on patch compliance.

Mitigation Strategies to Recover Data and System Availability

Daily Backups

Require backup of important new / changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.

How Ninja Helps

NinjaOne provides a fully-integrated data protection solution built for server and endpoint workflows. Data can be stored locally, in the cloud, or both to ensure your data protection needs are met. Users get full control over retention policies, allowing for three months or longer data retention.

Mitigation strategies Ninja may support through custom development

Restrict Administrative Privileges
Restrict privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.

Ninja supports least privileged access through:

    • Management of local and domain-user group membership via scripts
    • Monitoring and alerting for changes in security group membership

Multi-factor Authentication
Require MFA for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.

NinjaOne requires multifactor authentication for access to the management console and related capabilites either via Ninja’s built-in MFA or via SSO through integrated IDPs.

Ninja also requires MFA to complete security-critical actions like managing users or deploying scripts.

Ninja can also be used to automate the deployment of agent-based IDP solutions to enforce MFA on endpoints.

User Application Hardening
Configure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.

NinjaOne supports user application hardening via:

  • Directly changing application settings via remote access
  • Silently changing application settings via remote terminal, file explorer, and registry editor
  • Mass deploying custom scripts to change application settings
  • Mass uninstall unnecessary or unwanted applications

Microsoft Office Macro Settings
Configure settings to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.

NinjaOne supports disabling Microsoft Office macros via:

  • Directly disabling macros via remote access
  • Silently disabling macros via remote registry
  • Mass deploying a script to configure macro settings

Ready to become
an IT Ninja?

Learn how NinjaOne can help you simplify IT operations.
Capterra Shortlist 2024
G2 Leader - Fall 2024
TrustRadius Top Rated 2024
Leader SourceForge Winter 2024
GetApp Category Leaders 2024
Software Advice Front Runners 2024
×

See NinjaOne in action!

By submitting this form, I accept NinjaOne's privacy policy.