Achieving compliance with a security policy and maintaining compliance can be tedious. At Red Hat, we believe that such things should be automated and not become an unnecessary burden. To this end, we offer a whole ecosystem of services that automate security compliance.
We ship several widely used security policies with our products. Today, we will go over the “Essential Eight" baseline in a bit more detail.
The "Essential Eight" is a set of mitigation strategies created by the Australian Cyber Security Centre (ACSC), part of the Australian Signals Directorate (ASD) that leads the Australian Government’s efforts to improve cybersecurity.
The "Essential Eight" baseline is designed to make it much harder for adversaries to compromise systems, and Australian government organisations, businesses and individuals are recommended to adopt these essential strategies:
-
Application control, to prevent the execution of unapproved and malicious programs.
-
Patching applications, and use of the latest version of applications.
-
Configuring Microsoft Office macro settings.
-
User application hardening.
-
Restricting administrative privileges to operating systems and applications.
-
Patching operating systems, ensuring "extreme risk" vulnerabilities are patched within 48 hours.
-
Multi-factor authentication, including for VPNs, RDP, SSH and other remote access.
-
Daily backups.
The ACSC publishes a guide explaining the Essential Eight, and a separate guide outlining how the Essential Eight can be applied to Linux systems. Obviously, some of these strategies don't apply to Red Hat Enterprise Linux (RHEL), but they're worth studying up on as a good overall baseline for mitigation strategies. Let's look at some of the essential strategies that do apply to RHEL.
A critical control in the guide is "Application Control," which helps ensure that non-approved applications (including malicious code) are prevented from executing. The RHEL ACSC Essential Eight profile includes the File Access Policy Daemon (fapolicyd) to address this control. The fapolicyd software framework is supported with RHEL 8, and supports application control based on a user-defined policy.
In Linux environments, the ACSC recognises that configuring Microsoft Office macro settings is typically not applicable, and provides additional guidance on hardening Linux systems. This guidance includes applying additional forms of security policy enforcement, such as SELinux, and using the "noexec" parameter to mount partitions to which users have write access.
We’ve codified this additional guidance and included it in the ACSC Essential Eight
profile available with RHEL.
The ACSC Essential Eight profile is available in the scap-security-guide
package in RHEL 7 since 7.8 (package version 0.1.46-11.el7) and RHEL 8 since 8.2 (version 0.1.48-7.el8). The SCAP Security Guide documentation is installed with the scap-security-guide-doc
package under /usr/share/doc/scap-security-guide/guides/ssg-rhel8-guide-e8.html
.
About the author
Vojtěch Polášek is a software engineer working within the security compliance subsystem in Red Hat. He studied computer networks and, later, information technology security at Masaryk University in Brno, Czech Republic.
Browse by channel
Automation
The latest on IT automation for tech, teams, and environments
Artificial intelligence
Updates on the platforms that free customers to run AI workloads anywhere
Open hybrid cloud
Explore how we build a more flexible future with hybrid cloud
Security
The latest on how we reduce risks across environments and technologies
Edge computing
Updates on the platforms that simplify operations at the edge
Infrastructure
The latest on the world’s leading enterprise Linux platform
Applications
Inside our solutions to the toughest application challenges
Original shows
Entertaining stories from the makers and leaders in enterprise tech
Products
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Cloud services
- See all products
Tools
- Training and certification
- My account
- Customer support
- Developer resources
- Find a partner
- Red Hat Ecosystem Catalog
- Red Hat value calculator
- Documentation
Try, buy, & sell
Communicate
About Red Hat
We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.
Select a language
Red Hat legal and privacy links
- About Red Hat
- Jobs
- Events
- Locations
- Contact Red Hat
- Red Hat Blog
- Diversity, equity, and inclusion
- Cool Stuff Store
- Red Hat Summit