With an aggressive threat landscape and non-negotiable adherence to the ACSC Essential Eight framework in Australia, relying on default vendor security settings isn't enough.
Geeks on Tap's cloud security checklist provides the strategic roadmap — developed by our certified Australian team — to help you stop managing security reactively and start building genuine resilience.
Relying on default vendor security settings is no longer enough for Australian businesses.
This checklist is built for Australian business owners and managers who rely on Microsoft 365 or Google Workspace to run day-to-day operations. It is especially helpful for teams who do not have in-house IT support, as well as businesses with an IT provider who want a clear way to sense-check their current setup.
No technical background is needed. The checklist focuses on the essentials every business should have in place to reduce cyber risk, avoid common mistakes, and stay protected.
Your user accounts are the first line of defence in the cloud. Most security breaches start with weak or stolen passwords — proper access controls are non-negotiable.
1.1 Require two different methods for every login. Use app-based methods like Microsoft or Google Authenticator, or physical Security Keys — they are more secure than SMS codes. Geeks on Tap handles the full setup and enforcement of MFA across your organisation.
1.2 Stop stolen passwords from working by restricting access based on login location or device. We set up Conditional Access (M365) or Context-Aware Access (Google Workspace) to enforce geo-restrictions and ensure access only comes from verified, managed devices.
1.3 Create completely separate accounts reserved only for high-level administrative tasks. This drastically reduces the risk of your entire cloud environment being compromised by a single phishing attack on a regular user account.
1.4 Regularly review who has high-level admin rights. Grant only the minimum permissions necessary for a user to do their job, and remove admin roles immediately when no longer needed.
Today's teams work from many locations and use different devices to access company data. These devices are often the easiest way for threats to gain a foothold.
2.1 All company-owned and essential personal devices must be enrolled in Mobile Device Management to enforce baseline security settings — including complex PIN requirements and remote wipe capability.
2.2 Outdated operating systems and applications are the easiest entry point for cybercriminals. We keep Windows, macOS, and essential apps updated automatically without disrupting work.
2.3 Endpoint Detection and Response actively monitors device behaviour to stop zero-day and sophisticated attacks in real time. We use advanced security monitoring to detect and stop threats quickly as your business grows.
2.4 Protect sensitive data stored on hard drives so that if a device is lost, stolen, or improperly disposed of, the data is unreadable. We encrypt all devices and securely manage recovery keys so data stays protected everywhere.
Your business data is valuable, and having proper backups protects it from ransomware, mistakes, and system failures.
3.1 Adopt the gold standard: at least three copies of your data, stored on two different types of media, with one copy stored off-site or in the cloud. Geeks on Tap uses enterprise backup tools to keep your data securely backed up across multiple locations.
3.2 Backups must be protected against modification or deletion by cybercriminals and ransomware. This is achieved through WORM (Write Once, Read Many) technology — we lock backups so they cannot be changed, even during an active attack.
3.3 Regular recovery drills must be performed to ensure data can be restored quickly and reliably, meeting your target Recovery Time Objective. We test backups every quarter to confirm data can be restored when needed.
3.4 Cloud providers manage uptime, but you are responsible for data loss prevention. You need third-party backup for M365 (Exchange, SharePoint, Teams) and Google Workspace data — we back up both platforms for fast, point-in-time recovery.
Geeks on Tap offers a unique approach tailored to the needs of growing Australian businesses.
Deep understanding of Australian regulatory requirements — your cloud strategy meets local compliance standards including the ACSC Essential Eight.
Secure your entire modern cloud footprint across Google Workspace and Microsoft 365, with unified protection from one expert team.
Continuous 24/7 monitoring and adaptive management to proactively detect threats and keep your defences always one step ahead.
Geeks on Tap is here to help identify your biggest security gaps and efficiently implement these cybersecurity best practices. Our team offers a free, no-obligation strategy session — we'll assess your existing cloud setup against these exact best practices and provide a clear action plan.
It's time to stop reacting to threats and start building genuine, proactive resilience.