16 security steps to assess and secure your network
Here is a handy, easy-to-understand guide with 16 steps you can use to assess and secure your network. Using this guide will allow you to understand threats and vulnerabilities and implement a risk management plan for your business. Using a framework such as this ensures you maintain control of your network and its data. Take that, cybercriminals.
- Security Assessment
It is important to establish a baseline and close existing vulnerabilities. When was your last assessment?
- Spam Email
Secure your email. Most attacks originate in your email. We will help you choose a service designed to reduce spam and your exposure to attacks on your staff via email.
- Passwords
Apply security policies on your network. Examples: Deny or limit USB file storage access, enable enhanced password policies, set user screen timeouts, and limit user access.
- Security Awareness
Train your users – often! Teach them about data security, email attacks, and your policies and procedures. We can provide cyber security training to your staff.
- Advanced Endpoint Detection & Response
Protect your computer’s data from malware, viruses, and cyber-attacks with advanced endpoint security. Today’s latest technology (which replaces your outdated anti-virus solution) protects against file-less and script-based threats and can even roll back a ransomware attack.
- Multi-Factor Authentication
Utilize Multi-Factor Authentication whenever you can, including on your network, banking websites, and even social media. It adds an additional layer of protection to ensure that even if your password does get stolen, your data stays protected.
- Computer Updates
Keep Microsoft, Adobe, and all your products updated for better security. We provide automatic updates and security patches to protect your computers from the latest known attacks for over 100 different platforms.
- Folder Permissions
We review all your files to ensure only the authorized people have access. New people must be approved by a decision maker before they are given access.
- SIEM/Log Management (Security Incident & Event Management)
Uses big data engines to review all event and security logs from all covered devices to protect against advanced threats and to meet compliance requirements.
- Web Gateway Security
Internet security is a race against time. Cloud-based security detects web and email threats as they emerge on the internet and blocks them on your network within seconds – before they reach the user.
- Mobile Device Security
Today’s cyber criminals attempt to steal data or access your network by way of your employees’ phones and tablets. They’re counting on you to neglect this piece of the puzzle. Mobile device security closes this gap.
- Firewall
Turn on Intrusion Detection and Intrusion Prevention features. Send the log files to a managed SIEM. And if your IT team doesn’t know what these things are, call us today!
- Encryption
Whenever possible, the goal is to encrypt files at rest, in motion (think email) and especially on mobile devices. Encryption stops your data from being readable.
- Backup
Back up locally. Back up to the cloud. Have an offline backup for each month of the year. Test your backups often. And if you aren’t convinced your backups are working properly, call us ASAP.
- Disaster Recovery
Is there a detailed plan in place to help get your business back online if the worst should happen?
- Cyber Insurance
If all else fails, protect your income and business with cyber damage and recovery insurance policies.
Security is a journey, not a destination. Remember to assess and secure your network.
Our experienced, knowledgeable team can help your business make sense of any of these steps to ensure that everything you have built is protected from cyber criminals.