The government's Australian Cyber Security Centre (ACSC) has released a guide intended to help organisations lock down network assets, such as application servers and domain controllers, by protecting accounts that have admin privileges.
The aim of the Secure Administration guide is to prevent Sony Pictures-style hacks, the document states.
The guide states that in the majority of compromises of government networks analysed by the Australian Signals Directorate (ASD), hackers acquired "significant privileged access, such as Domain Administrator access", making it easier for them to conceal their activity, gain further access to networked resources and "more efficiently steal, modify and damage data".
"Given the scale and complexity of enterprise networks, it is reasonable to assume that at least one standard user account and workstation within an organisation's Internet-connected network could be compromised by an adversary," states the document, which is hosted by the ASD (PDF).
"As administrator accounts often have unrestricted access to critical resources, this document focuses on protecting sensitive accounts and resources from an adversary who has gained a presence on the network."
The guide recommends a number of measures to lock down networks.
They include implementing an access control regime that minimises unnecessary privileges for accounts, employing multi-factor authentication, the use of privileged workstations, widespread event logging and auditing, network segmentation and segregation, and the use of hardened remote access servers ('jump boxes').
The Secure Administration guide is intended to complement the government's Information Security Manual (ISM), the ASD's description states.
The ASD released an updated version of the ISM earlier this year. As part of the update, the organisation launched its Certified Cloud Services List (CCSL) to smooth the path to cloud adoption for government agencies.
This year the ASD has also released hardening guides for Office 2013, Windows 7 and 8 and an update to its iOS hardening guide for government agencies.
The ACSC brings together information security capabilities from the Department of Defence, the Attorney-General’s Department, ASIO, the Australian Federal Police and the Australian Crime Commission.