16 security steps to assess and secure your network

 

Here is a handy and easy to understand guide with 16 steps you can use to assess and secure your network. Using this guide will allow you to understand threats and vulnerabilities, and implement a risk management plan for your business. Using a framework such as this ensures you maintain control of your network and its data. Take that cybercriminals.

 

  1. Security Assessment

It is important to establish a baseline and close existing vulnerabilities. When was your last assessment?

  1. Spam Email

Secure your email. Most attacks originate in your email. We will help you choose a service designed to reduce spam and your exposure to attacks on your staff via email.

  1. Passwords

Apply security policies on your network. Examples: Deny or limit USB file storage access, enable enhanced password policies, set user screen timeouts, and limit user access.

  1. Security Awareness

Train your users – often! Teach them about data security, email attacks, and your policies and procedures. We can provide cyber security training to your members of staff.

  1. Advanced Endpoint Detection & Response

Protect your computer’s data from malware, viruses, and cyber-attacks with advanced endpoint security. Today’s latest technology (which replaces your outdated anti-virus solution) protects against file-less and script-based threats and can even rollback a ransomware attack.

  1. Multi-Factor Authentication

Utilize Multi-Factor Authentication whenever you can, including on your network, banking websites, and even social media. It adds an additional layer of protection to ensure that even if your password does get stolen, your data stays protected.

  1. Computer Updates

Keep Microsoft, Adobe, and all your products updated for better security. We provide automatic updates and security patched to protect your computers from the latest known attacks for over 100 different platforms.

  1. Folder Permissions

We review all your files to ensure only the authorized people have access. New people must be approved by a decision maker before they are given access.

  1. SIEM/Log Management (Security Incident & Event Management)

Uses big data engines to review all event and security logs from all covered devices to protect against advanced threats and to meet compliance requirements.

  1. Web Gateway Security

Internet security is a race against time. Cloud-based security detects web and email threats as they emerge on the internet and blocks them on your network within seconds – before they reach the user.

  1. Mobile Device Security

Today’s cyber criminals attempt to steal data or access your network by way of your employees’ phones and tablets. They’re counting on you to neglect this piece of the puzzle. Mobile device security closes this gap.

  1. Firewall

Turn on Intrusion Detection and Intrusion Prevention features. Send the log files to a managed SIEM. And if your IT team doesn’t know what these things are, call us today!

  1. Encryption

Whenever possible, the goal is to encrypt files at rest, in motion (think email) and especially on mobile devices. Encryption stops your data from being readable.

  1. Backup

Backup local. Backup to the cloud. Have an offline backup for each month of the year. Test your backups often. And if you aren’t convinced your backups are working properly, call us ASAP.

  1. Disaster Recovery

Is there a detailed plan in place to help get your business back online if the worst should happen?

  1. Cyber Insurance

If all else fails, protect your income and business with cyber damage and recovery insurance policies.

Security is a journey, not a destination and remember to assess and secure your network. 

Our experienced, knowledgeable team can help your business make sense out any of these steps to ensure that everything you have built is protected from cyber criminals.

Here are other articles you might like:

Free Cyber Security Risk Assessment

Cyber Crime - FBI