System Hardening Guidance | Cyber.gov.au

Individuals & families Small & medium businesses Large organisations & infrastructure Government

This page lists the ACSC’s publications that provide hardening guidance for systems, including operating systems, applications, workstations and servers.

Hardening Microsoft Windows 10 version 1909 Workstations

Workstations are often targeted by an adversary using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening workstations is an important part of reducing this risk. This document provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10 version 1909. Before implementing recommendations in this document, thorough testing should be undertaken to ensure the potential for unintended negative impacts on business processes is reduced as much as possible.

Hardening Microsoft Windows 8.1 Workstations

Workstations are often targeted by an adversary using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening workstations is an important part of reducing this risk. This document provides recommendations on hardening workstations using Enterprise editions of Microsoft Windows 8.1. Before implementing recommendations in this document, thorough testing should be undertaken to ensure the potential for unintended negative impacts on business processes is reduced as much as possible.

Hardening Linux Workstations and Servers

This document has been developed to assist organisations understand how to harden Linux workstations and servers, including by applying the Essential Eight from the Australian Cyber Security Centre (ACSC)’s Strategies to Mitigate Cyber Security Incidents.

End of Support for Microsoft Windows 10

Under Microsoft’s current servicing model, support for Microsoft Windows 10 will end between 18 to 30 months after release depending on the version and edition being used. At such a time, organisations will no longer receive patches for security vulnerabilities identified in these products. Subsequently, adversaries may use these unpatched security vulnerabilities to target workstations running unsupported versions of Microsoft Windows 10.

End of Support for Microsoft Windows 7

On 14 January 2020, Microsoft ended support for Microsoft Windows 7. As such, organisations no longer receive patches for security vulnerabilities identified in this product. Subsequently, adversaries may use these unpatched security vulnerabilities to target Microsoft Windows 7 workstations.

End of Support for Microsoft Windows Server 2008 and Windows Server 2008 R2

On 14 January 2020, Microsoft ended support for Microsoft Windows Server 2008 and Windows Server 2008 R2. As such, organisations no longer receive patches for security vulnerabilities identified in these products. Subsequently, adversaries may use these unpatched security vulnerabilities to target Microsoft Windows Server 2008 and Windows Server 2008 R2 servers.

Hardening Microsoft Office 365 ProPlus, Office 2019 and Office 2016

Workstations are often targeted by adversaries using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.

Hardening Microsoft Office 2013

Workstations are often targeted by adversaries using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.

Microsoft Office Macro Security

Microsoft Office applications can execute macros to automate routine tasks. However, macros can contain malicious code resulting in unauthorised access to sensitive information as part of a targeted cyber intrusion. This document has been developed to discuss approaches that can be applied by organisations to secure systems against malicious macros while balancing both their business and security requirements.

Security Configuration Guide - Apple iOS 12 Devices

This publication provides guidance on hardening the security configuration of iOS 12 devices.

Security Configuration Guide - Samsung Galaxy S9 and S9+ Devices

This publication provides guidance on hardening the security configuration of Samsung S9 and S9+ devices.