![Full Logo.png]](https://help.devicie.com/hs-fs/hubfs/Full%20Logo.png?height=30&name=Full%20Logo.png){kind=small}
Next: Expected user impacts and FAQs
What is the Essential Eight?
The Essential Eight is is a set of 8 security strategies for Windows devices, recommended by the Australian Signals Directorate (ASD) as a cybersecurity baseline for all organisations. These strategies are designed to protect internet-connected IT networks and were most recently updated in November 2023 (learn more).
Unlike formal compliance frameworks such as CIS or NIST, the Essential Eight is more subjective. It consists of 152 controls spread across three maturity levels:- Maturity Level 1 (ML1)
- Maturity Level 2 (ML2)
- Maturity Level 3 (ML3)
At Devicie, we support the implementation of all controls relevant to endpoints—which account for approximately 60% of the total controls. These are deployed and managed via Microsoft Intune using Devicie’s pre-configured policy catalogue. For the remaining 40%, Devicie provides guidance and practical resources to support implementation.
How to use this guide
This guide is designed to step you through the process for implementing the Essential Eight endpoint controls with Devicie's proven configuration templates and testing recommendations. There are a series of articles designed to take you through the overall process as well as an article dedicated to each mitigation strategy and how our policies cover the controls for each.
If you have any questions throughout the process of implementing the Essential Eight policies in your organisation, please feel free to raise a ticket with Customer Support.
To understand which controls are covered by Devicie:
- Log into the Devicie portal
- Navigate to Reports > Essential Eight
- Use the filters to view based on maturity level and/or mitigation strategy
- Use the export feature to view more details
For detailed information on each policy:
For detailed technical information on each policy, you can visit the Configuration Templates > Windows section of the Devicie knowledge base. You will also find embedded links to the relevant policies within the portal when you are using the policy deployment wizard.
Essential Eight Guide Contents
Get Started
- Introduction
- Expected user impacts & FAQs
- Using the Devicie E8 dashboard
Implementation Process
- Setting up groups
- Deploy policies
- Testing guidelines
- App control and macros
Mitigation Strategies
- Patch applications
- Regular backups
- Multi-factor authentication
- Application control
- Restrict administrative privileges
- User application hardening
- Patch operating systems
- Restrict Microsoft Office macros