CYBER SECURITY
Resilience by Strategic Defence
Essential 8 uplift, endpoint protection, audit and compliance logging, identity hardening and 24/7 SOC monitoring, delivered across Microsoft 365 and Google Workspace environments. Built around the Australian Cyber Security Centre's published framework, not vendor checkboxes.
THE ESSENTIAL 8
Australia's baseline cyber framework, implemented properly
The ACSC's Essential 8 is the most pragmatic security framework available to Australian businesses. We do not just claim compliance: we map your current posture against the eight mitigation strategies, agree a Maturity Level target with you, and deliver it. Implementations below describe the Microsoft 365 path; equivalent controls on Google Workspace use Workspace Admin, Cloud Identity, Context-Aware Access, Chrome Enterprise, Vault and partnered EDR tooling.
01 Application control
Block unauthorised executables via Intune App Control / WDAC policies.
02 Patch applications
Automated third-party patching via Intune and Defender Vulnerability Management.
03 Configure Office macros
Block macros from internet, enforce trusted publishers, audit existing macro usage.
04 User application hardening
Browser hardening via Edge group policies, Java/Flash removal, ad-blocking.
05 Restrict admin privileges
Privileged Identity Management (PIM), just-in-time elevation, separate admin accounts.
06 Patch operating systems
Windows Update for Business rings, macOS update enforcement via JAMF, monthly compliance reports.
07 Multi-factor authentication
Phishing-resistant MFA (FIDO2 / Windows Hello), Conditional Access enforcement, legacy auth blocked.
08 Regular backups
M365 backup, endpoint backup, immutable storage, quarterly restore drills with documented evidence.
SECURITY SERVICES
Beyond the framework
Microsoft Defender for Endpoint
Managed XDR across endpoints, identities and Office 365. We tune the alerts so you only see real signals, investigate every Sev1, and run weekly threat-hunting against your tenant.
Microsoft Purview audit & compliance
Audit log retention configuration, sensitive information types, DLP policies, Insider Risk Management, eDiscovery readiness: everything Purview gives you, configured to actually deliver value.
SharePoint & OneDrive hardening
Permission audits using PnP.PowerShell, sharing policy review, sensitivity label rollout, external-sharing governance.
Entra ID identity protection
Conditional Access policy design, MFA enforcement, identity-protection risk policies, privileged identity management (PIM), workload identity governance.
Compliance readiness
SOC2 Type II readiness, ISO 27001 implementation, HIPAA-aligned controls, PCI DSS scoping, Privacy Act 1988 obligations, all mapped to your existing Microsoft tooling so you are not buying separate compliance platforms.
Incident response retainer
Optional add-on. Defined IR runbook, 1-hour callout SLA for major incidents, post-incident forensic report, lessons-learned briefing.
CLIENT WORK
Future Leadership: Essential 8 to Maturity Level 2 in one quarter
Future Leadership engaged BaseHost to assess and uplift their Microsoft 365 environment against the Essential 8 framework. We delivered an end-to-end assessment, presentation pack, and 90-day remediation roadmap.
- ✓ Conditional Access redesigned, MFA gaps closed
- ✓ Intune App Control deployed to all corporate devices
- ✓ Office macro policy enforced across tenant
- ✓ Backup retention extended; restore drill completed
- ✓ Compliance evidence pack delivered to the board
FRAMEWORKS WE OPERATE TO
Standards we hold our delivery to
We're a Microsoft Partner with active CSP-direct status, with JAMF-certified engineers on the team. Whilst we don't hold ISO certification ourselves, we deliver and operate environments aligned to ISO 27001:2022 controls, the ACSC Essential 8 framework and SOC 2 Trust Services Criteria, supporting clients pursuing certification under those standards. See our compliance approach for how we work alongside your certification body.
HOW WE DELIVER CYBERSECURITY
Cybersecurity that is layered, monitored, and measurable.
Cybersecurity at BaseHost is layered, monitored, and measurable. Microsoft Defender and Sentinel cover endpoint and identity, DNSFilter blocks malicious domains at the network edge, and KnowBe4 handles the human layer with quarterly training and monthly simulated phishing. Every alert is triaged by a real engineer, with documented runbooks for the common cases and escalation paths for the unusual ones. Nothing that looks like initial access is auto-dismissed.
Where a control sits inside Essential 8, ISO 27001, SMB1001 or SOC 2, the evidence is captured as the work happens, not retrofitted before an audit. You get the same engineer who joined your onboarding handling your incident response three years later, because continuity beats a fresh face on every ticket. The monthly report shows what was blocked, what was investigated, and where the next risk to address actually sits.
ALWAYS ON
24/7 threat watching. Real engineers, not just dashboards.
Engineers monitoring around the clock from our operations base. No outsourced helpdesk, no script-readers. Just experienced people who know your environment.
FREQUENTLY ASKED
Common questions
Are you a security consulting firm?
No. We are an MSP that implements and operates security controls. We deploy Defender, configure Conditional Access, implement Essential 8 controls, run security operations and respond to incidents. If you need an independent security consultant for risk assessment or strategic advice unconnected to delivery, we will refer you to one.
Do you provide 24/7 SOC services?
We provide 24/7 monitoring through Microsoft Defender XDR with managed alert triage during business hours and on-call escalation after hours. For full 24/7 SOC-as-a-service with named analysts at all hours, we partner with specialised providers; we will discuss the right level for your risk profile.
What about penetration testing?
We do not conduct penetration tests ourselves; independence matters for this. We engage trusted pen test partners on your behalf and remediate findings as part of managed services. For compliance-mandated tests (PCI, ISO 27001) we ensure the right scope and credentials.
How does incident response work?
On engagement we document a written incident response plan tailored to your environment: IR team roles, communication tree, evidence preservation procedures, regulator notification timelines. When something happens, we follow that plan. For ransomware specifically, we have a dedicated runbook including offline backup verification and decryption-decision support.
Will you support cyber insurance claims?
Yes. We work with your broker pre-incident to align security controls to insurance requirements, and post-incident we provide the technical evidence pack insurers need.
What licensing is included?
Our engineering and security operations are included. Microsoft Defender, Sentinel, third-party EDR, and any other security tooling licenses are billed separately at vendor cost; we do not mark up licensing.
How does this map to Essential 8?
Our cybersecurity service operationally implements most Essential 8 strategies. See our Essential 8 page for the framework view of how the controls map.
Get a free Essential 8 baseline. 30 minutes, zero obligation.
We will review your M365 tenant against the eight mitigation strategies and tell you honestly where you sit on the maturity scale. You will leave the call with a written summary, regardless of whether you engage us.