Your Essential 17-Point Cyber Security Checklist

1. Assess Your Security and Develop a Response Plan

No matter how prepared you are, cyber security attacks still happen. To recover as fast as possible, you should assess any weaknesses in your security and develop an official response plan. Make sure your plan:

  • Treats all cyber security incidents with equal priority regardless of size.
  • Is in written form and understood by all team members.
  • Includes contact information for key resources like the police, your attorney, your insurance company, and the FBI.
  • Gets practiced in a test environment.

Don’t have a response plan yet?

You’ll be unprepared if an attack does happen. The longer it takes to recover, the more data – and money – you lose.

2. Raise Security Awareness

Employees should be aware of what they can do to mitigate cyber security threats. Addressing security issues during regular training sessions is critical. Make sure you:

  • Require all new hires to take security courses before accessing business data.
  • Offer refresher security awareness courses to existing employees.
  • Send out regular simulated phishing emails to test whether your staff can spot a spoofed message.
  • Train system administrators on how to recognize and prevent new risks.

Haven’t trained your employees in risk assessment?

Your employees are a significant threat to your company’s overall data security if not properly educated on how to identify and mitigate risks.

3. Upgrade Password Protection

One of the biggest risks to your network is a hacker using brute-force attacks to compromise your password protection. Weak passwords and reusing the same password on multiple sites are significant risks. Enforcing password protocols can help to guard your network from these threats.

Your policy should include requirements that:

  • Each user has their own unique username.
  • Users have strong passwords that include numbers and special characters.
  • Passwords are changed frequently.

Secure password managers are the key to simplifying the process of using complex, ever-changing passwords: you need only remember one and the program does the rest.

Still using insecure passwords without a password manager?

Once a hacker has access to your system with your username and password, your entire network is at risk, especially critical financial data.

4. Take Advantage of Multi-Factor Authentication

Sometimes, standard password policies aren’t enough. Multi-factor authentication takes effective password protection to the next level. The easiest, most effective way to do this is to require users to verify login attempts from their personal mobile devices.

Multi-factor authentication should be required for all corporate email access. If your e-mail solution offers it, take advantage of it immediately. Third-party multi-factor authentication software can be used when there is no native option.

Don’t have multi-factor authentication set up?

Not taking advantage of this concept makes it easier for your accounts to be compromised. It may be an extra step, but it’s worth it.

5. Control Spam Email

Spam email is still one of the easiest ways to infiltrate a network. If a crypto-locker virus takes control of your data, your business may never recover. With phishing emails becoming harder to detect, a multi-level protection system is necessary to safeguard your network.

Proofpoint is a cost-effective solution that can protect you from spam better than standard 365 email providers, using machine learning technology that eliminates threats in real time.

Spam email out of control?

Spam is more than just annoying: ignoring this threat could easily lead to your entire network becoming compromised.

6. Utilize Advanced Endpoint Security

Unprotected client devices are also a risk to your network security. All your network devices, including mobile devices, should be running protection software before being allowed outbound access. This includes:

  • Frequently running definition updates.
  • Managing updates and settings from a central server.
  • Removing at-risk devices from the physical layer until resolution.

Haven’t invested in an enterprise endpoint solution yet?

The cost of recovering from a data breach is often much greater than the expense of establishing security before infiltration occurs.

7. Verify DNS Servers and Web Content

Rogue DNS servers can redirect your website requests to unintended destinations. Your gateway should have a list of allowed network DNS servers.

DNS servers that are not on the allowed list should not be permitted to resolve domain names. To effectively minimize the number of DNS servers being accessed from your network, utilize DHCP to assign these server addresses automatically.
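One way to check that the allowed-resolver rule is actually holding, as an added example that is not part of the original checklist: the script below reads gateway flow records and reports clients sending DNS traffic to resolvers outside the allowed list. The log layout (`src dst proto dport action`), the resolver addresses and the sample records are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumed allowlist: the resolvers your DHCP server hands out (constructed addresses).
ALLOWED_RESOLVERS = {ipaddress.ip_address("10.0.0.53"),
                     ipaddress.ip_address("10.0.1.53")}
DNS_PORTS = {53, 853}  # classic DNS and DNS-over-TLS

# Constructed sample records in a hypothetical "src dst proto dport action" layout.
SAMPLE_FLOWS = """\
10.0.5.21 10.0.0.53 udp 53 allow
10.0.5.22 8.8.8.8 udp 53 allow
10.0.5.22 8.8.8.8 tcp 443 allow
10.0.5.40 203.0.113.77 tcp 853 allow
10.0.5.40 203.0.113.77 udp 53 deny
not a flow record
10.0.5.21 10.0.1.53 tcp 53 allow
"""

def parse_flow(line):
    """Return (src, dst, dport, action), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return (ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1]),
                int(parts[3]), parts[4].lower())
    except ValueError:
        return None

def rogue_dns_clients(log_text, allowed=ALLOWED_RESOLVERS):
    """Map client -> resolver -> {"allow": n, "deny": n} for off-list DNS traffic."""
    findings = defaultdict(lambda: defaultdict(lambda: {"allow": 0, "deny": 0}))
    for line in log_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        src, dst, dport, action = flow
        if dport in DNS_PORTS and dst not in allowed and action in ("allow", "deny"):
            findings[str(src)][str(dst)][action] += 1
    return {c: {r: dict(n) for r, n in rs.items()} for c, rs in findings.items()}

if __name__ == "__main__":
    for client, resolvers in rogue_dns_clients(SAMPLE_FLOWS).items():
        for resolver, counts in resolvers.items():
            print(client, "->", resolver, counts)
```

A non-zero `allow` count means the gateway let the query through, so the gap is in the gateway rule; a `deny`-only entry points to a client that is ignoring its DHCP-assigned resolver.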

Employees are wasting employer time by surfing websites they shouldn’t be accessing. DNS filtering allows your team to block access to these websites, which also reduces your risk.

Are your company’s DNS servers vulnerable?

Devices using compromised DNS servers can be redirected to dangerous websites that put data at risk.

8. Stay Aware with Dark Web Research

Sensitive data, such as social security numbers, credit card and financial information, is sold on the dark web daily. If your corporate information appears on the dark web, you need to know about it. Make sure you:

  • Scan the dark web to detect any sensitive information.
  • Have an effective response plan if your data is compromised.
  • Revoke the access of employees detected trying to access the dark web with anonymous browsers and investigate their activity.

Are you leaving your company unprotected on the dark web?

If your data is sold on the dark web, attackers can do untold financial damage, disrupting your business and potentially even driving it into the ground.

9. Stay Current with Computer Updates

Your devices face new threats frequently. Your devices should check for and install security updates on a scheduled weekly basis.

Security updates should be managed from a central database. With Windows PCs, this can be done with Windows Server Update Services. Network administrators should be made aware of critical security updates and verify that they are installed as soon as possible.

Is your network out-of-date?

A network that is safe today may be vulnerable tomorrow. If you aren’t running updates, potential attackers will be one step ahead of you.

10. Separate Private and Public Networks

To protect your company’s critical data, it’s important to keep it secure from the public. Separate your public and private networks by:

  • Implementing network segregation with managed switches and VLANs.
  • Enabling access to untagged guest VLANs from the administrative VLAN and trunk ports.
  • Restricting employees from using personal devices on the business network.

Don’t have separate networks?

Leaving your business network accessible to the public opens you up for attack by anyone within range of your wireless networks.

11. Take Log Management to the Next Level with SIEM & SentinelOne

It’s important to understand when security events on your network occur. SIEM (Security Information and Event Management) and SentinelOne are the next-level solutions to record remote network security events and unusual network patterns. Here’s how it works:

  • SIEM helps network administrators learn more about where security threats are coming from.
  • Network administrators are immediately notified when intrusions do occur.
  • Logs share all the appropriate information, including host and destination IP addresses, services/ports, and the nature of the detection.
  • PCG’s SIEM solutions are monitored 24×7 by our Security Operations Center.
  • SentinelOne looks for unusual traffic patterns or IP addresses that are not part of your normal network. Our Security Operations Center will notify us and shut off this activity/risk.

Is your system missing SIEM and SentinelOne?

Being without SIEM and SentinelOne leaves your network more vulnerable to infiltration by attackers.

12. Monitor Traffic with a Web Gateway 

The most effective way to stop threats is at the entry-point of your network. You can use multi-layered protection to effectively prevent network attacks by combining endpoint and gateway security. Your gateway should:

  • Inspect all traffic that enters and leaves your network.
  • Utilize security tools such as IPS, gateway anti-virus, and content filtering.
  • Offer enough throughput to allow for security services to be run without severely hampering bandwidth.

Is your business without a web gateway?

Missing the opportunity for strong gateway protection allows threats easy access to the inside of your network.

13. Take Mobile Device Security Seriously

Today’s mobile devices carry just as much threat as a personal computer. Devices that come and go from your network pose a significant risk, so it’s important to ensure they’re properly managed.

Mobile devices should only be allowed on the public wireless network and should be required to have a secure password and fingerprint or facial recognition to gain access.

Haven’t implemented mobile security solutions?

Hackers are finding new ways into your network every day and unprotected mobile devices make their job even easier.

14. Protect Your Network with a Secure Firewall

Your network is bombarded with outside traffic every day. Traffic coming in and out of your network should be inspected by a network firewall, configured in the following manner:

  • Unspecified inbound traffic should be blocked.
  • Inbound traffic should be permitted from designated source IP addresses.
  • Spoofed IP addresses should be detected and denied.
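The three rules above expressed as one evaluation order, as an added example that is not part of the original checklist: spoof checks run first, then the designated-source allow rules, then the default deny. The allow rules, ports and addresses are constructed assumptions, and the spoof list covers only IPv4 ranges that cannot legitimately arrive on an internet-facing interface.

```python
import ipaddress

# Sources that should never appear on the internet-facing interface.
SPOOFED_SOURCES = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

# Assumed allow rules: (designated source network, protocol, destination port).
ALLOW_RULES = [
    (ipaddress.ip_network("198.51.100.0/28"), "tcp", 443),    # partner office (constructed)
    (ipaddress.ip_network("203.0.113.10/32"), "tcp", 3389),   # one admin host for RDP (constructed)
]

def evaluate_inbound(src, proto, dport):
    """Return (verdict, reason) for one packet arriving from outside."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("deny", "malformed-source")
    # Anti-spoofing runs first so no allow rule can match a forged internal source.
    if any(addr in net for net in SPOOFED_SOURCES):
        return ("deny", "spoofed-source")
    for net, rule_proto, rule_port in ALLOW_RULES:
        if addr in net and proto == rule_proto and dport == rule_port:
            return ("allow", f"rule {net} {rule_proto}/{rule_port}")
    # Anything not explicitly designated is blocked.
    return ("deny", "default")

def audit(packets):
    """Evaluate a list of (src, proto, dport) tuples and keep the input beside each verdict."""
    return [(pkt, evaluate_inbound(*pkt)) for pkt in packets]

if __name__ == "__main__":
    constructed = [("198.51.100.5", "tcp", 443), ("198.51.100.20", "tcp", 443),
                   ("203.0.113.11", "tcp", 3389), ("192.168.1.10", "tcp", 443)]
    for pkt, verdict in audit(constructed):
        print(pkt, verdict)
```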

Is your network without a firewall?

Having a firewall is a simple way to monitor traffic in and out of your network. Without a properly locked down firewall, hackers can access your network through RDP.

15. Encrypt Email and Devices

If your company’s physical devices fall into the wrong hands, your data is vulnerable. To protect it, you should take advantage of encryption technology. Make sure you:

  • Run encrypted hard drives on all your devices.
  • Use encrypted connections when communicating between multiple office buildings.
  • Utilize encryption when sending email communications that contain any personal information.

Are your devices still unencrypted?

Any data stored or sent without encryption is easier to decipher and use if it falls into the wrong hands.

16. Keep Your Data Backup Secure

You need to be prepared for data failure at any moment. Your data should be backed up frequently, and your backup plan should include:

  • Backups encrypted and stored in multiple locations, at least one of which should be offsite.
  • Backups stored as images.
  • A pre-imaged secondary server prepared for when the primary server fails.

A network-attached storage device is a cost-effective way for small businesses to store backups. Having scheduled recovery time objectives and recovery point objectives will help you recover in a timely manner if a ransomware attack occurs.

Are your backups insecure?

Hackers are targeting your backups with the same urgency as your live data. If you aren’t prepared, you could be left with a security crisis and no way to restore your information.

17. Protect Investments with Cyber Insurance

Cyber-attacks financially compromise your business. The best way to protect your finances in the event of an attack is with a cyber insurance policy. A cyber insurance policy will reimburse you for damages suffered as a result of a cyber-attack, which may prevent your business from going under.

For the best product and pricing, it’s a good idea to shop around and read reviews for the best policy on the market.

Are you lacking cyber insurance?

Even just a single cyber attack could cost your business more than you can fiscally handle.

Ready to Secure Your Network?
Get a Security Risk Assessment by PCG-IT

Every business, no matter how big or small, should undergo a security risk assessment to verify strengths and weaknesses. A security risk assessment will help you determine where your company’s network vulnerabilities lie and help you prioritize mitigating these risks by developing a budgeted plan to protect your assets, data, and employees. After a cyber-attack is too late. Give PCGIT a call today to assess the state of your security now.