De4Sec Technology
Book a Free Call
๐Ÿ‡ฆ๐Ÿ‡บ Australiaโ† All services

Essential Eight Compliance

Most Australian SMBs know they should be securing their systems โ€” but don't know where to start. This usually only shows up when an insurer asks, a contract requires it, or an incident happens. By then, you're remediating under pressure. The Essential Eight gives you a clear, actionable baseline. We audit where you are and get you to where you need to be โ€” ML1 or ML2 โ€” so you can satisfy insurers, auditors and clients. De4sec audits your current posture and uplifts you to Maturity Level 1 or ML2 โ€” required for cyber insurance, government contracts and increasingly expected by investors.

Get a Free IT & Security Check โ†’All Services

The Eight Controls โ€” and what each means

โœ“Application control โ€” only approved software can run on managed devices
โœ“Patch applications โ€” all apps (browsers, PDF readers, Office) patched within 48h of release
โœ“Configure Microsoft Office macros โ€” disabled or restricted by default
โœ“User application hardening โ€” browser extensions, Flash, Java locked down
โœ“Restrict administrative privileges โ€” admin accounts used only when required
โœ“Patch operating systems โ€” all OS patches applied within 48h or 2 weeks (ML1/ML2)
โœ“Multi-factor authentication โ€” MFA enforced for email, cloud, remote access, admin
โœ“Regular backups โ€” tested, offline or offsite, recoverable within 12 hours
What De4sec delivers
โœ“Gap assessment against all 8 controls at your target maturity level
โœ“Written assessment report with current rating per control
โœ“Prioritised remediation plan โ€” quick wins first
โœ“Implementation: Intune policies, Defender configuration, MFA, backup
โœ“Evidence pack for insurance or audit purposes
โœ“Certification-ready documentation
โœ“Post-implementation verification scan
Who needs this?
โœ“Any business applying for cyber insurance
โœ“Government suppliers and contractors
โœ“Professional services โ€” legal, accounting, financial
โœ“Healthcare and NDIS providers
โœ“Any business that has experienced or is concerned about a cyber incident
What maturity level should we target?
ML1 is the minimum baseline and satisfies most insurers. ML2 is required for government suppliers and some higher-risk environments. We advise based on your sector and requirements.
How long does an assessment and uplift take?
A typical SMB assessment takes 1 week. Implementation of controls takes 2โ€“6 weeks depending on gaps found.
Can you produce evidence for our insurer?
Yes. We provide a written evidence pack documenting controls in place, suitable for cyber insurance applications.
Do you work with our existing IT team or MSP?
Yes. We can work alongside your existing team or as the sole provider. We are tool-agnostic within the Microsoft ecosystem.
// Related Services
Patch ManagementCovers 2 of 8 controls directlyCybersecurity & RiskBroader security programmeCloud MigrationBuild E8 in from day one
// NOT SURE WHERE YOU STAND?

We offer a free IT & Security Check.

We identify risks before they become problems โ€” then tell you exactly what to fix first.

Book a Free Discovery Call โ†’ See Results โ†’

Ready to get started?

Book a free consultation โ€” no obligation.

Get a Free IT & Security Check โ†’+61 451 500 909