You’ve read the news stories. You’ve seen the Phishing emails. You’ve downloaded the ransomware protection software, then you cross your fingers and hoped for the best…. But how good is your protection? It can be a tricky area to navigate when you aren’t an IT guru. We’ve put together a simple checklist to help guide you through a self-evaluation. Let’s take your “Cyber Temperature” and see what preventative measure you can take to improve your Cyber Health.
Note: this is not an exhaustive list, and there is no “cure all” solution. We can look to deter cyber criminals and have a plan ready if there is a breach. Nothing is guaranteed, however.
- Do you filter/scan incoming emails for malicious attachments or links?
- Do you strictly enforce SPF? (Sender Policy Framework – essentially lets you publish IP addresses that are trusted)
- Are external emails flagged to alert an employee it originated outside your organization?
- Do you have cyber awareness and phishing training for employees at least annually?
- Do you use Multi-Factor Authentication? (this requires an additional step when logging into an account from an unknown computer. It will ask for a code to be texted or emailed to confirm the login attempt is valid)
- Do you use malware protection or endpoint detection & response (EDR)?
- Do you regularly update your malware protection software?
- Do you use multi-factor authentication for remote access?
- Do you have a process for quickly applying critical security patches?
- Do you have a two step sign off for writing checks or transferring money?
Backup & Recovery
- Do you back up your key data regularly (at least monthly)?
- Are your backups encrypted?
- Do you test your backup system at least annually?
If you answered “no” to 3 or more of these questions, it might be a good time to review your IT infrastructure and procedures.
If you do not currently purchase cyber insurance, we should set up a time to meet. The above reflects preventative measures, but what do you do after a breach? A cyber insurance program can protect your business assets and reputation in this event. It also provides resources to guide you through the claim, determine a course of action, and help to reduce the cost/effect of the breach.
Let’s talk. 651-257-1042