A practical cybersecurity checklist – Smiley Pete Publishing



In today’s business world, there isn’t much that doesn’t require a connection to a computer or network. We know from recent headlines that companies can be brought to their knees by problems such as ransomware and phishing attacks, but other risks such as tornadoes, floods or fires can also devastate a computer network. If your IT plans do not address some or all of these issues, your business may be at risk.

Practically speaking, a company relies on its computer network as an essential tool for getting day-to-day work done. And as a business owner, there are things you should do to ensure that these computers continue to run effectively, efficiently, and safely.

These measures are easy to overlook when everything is working properly. However, when a problem arises, you will be glad you took precautions. For example, what would you do if you went into your business tomorrow morning and found out that three months ago an employee clicked on an email link and ransomware was installed? It remained inactive on the system until hackers activated it, remotely connected to your network, and stole information from your company and even your customers. Then, when they left your network, they encrypted all the computers in your business and sent you a $250,000 extortion note to unlock your data.

If you believe this scenario is not real, you should probably disconnect the cable modem. In late April, this same scenario happened at a Louisville law firm. An account was published in the Courier Journal after hackers tweeted it and a cable service reporting on piracy picked up the story.

While you may not know where or when a cyberattack or natural disaster will occur, a little prevention can help protect your business from the worst.

To help you protect yourself from a similar scenario, here is a short checklist of the most basic steps to consider for your business:

• Does your business currently have cyber insurance?

• Do you have multi-factor authentication enabled with all your cloud service providers, where you need a password and a PIN from an authentication app on your phone to sign in to the cloud service?

• Does your Internet firewall have content filtering and malware protection enabled?

• Do you back up your critical files to your server, computers, and cloud environment both on-site and off-site?

• Have you tested this backup?

• Do you have antivirus software with a supported subscription?

• Have you turned on automatic patching on your computers and restarted them as needed to get the patches installed? Have you checked that they are working?

• Do you offer basic security training at your company to educate your users about piracy and phishing?

• Do you have a framework for your business to verify that you understand your company’s data and policies, such as the NIST Cybersecurity Framework?

• Do your IT staff understand the items on this checklist?

• If you use a computer company, is there someone on its staff who is a Certified Information Systems Security Professional or similar?

• Does your IT company offer managed services or managed security services?

Over the past year, hacking and cybersecurity reporting have become commonplace in the news, and just because you’re a small business in downtown Kentucky, don’t think they won’t come looking for you. The lists used for email phishing are extensive and random. In addition, a hacking attempt is equally likely to come from a company in your supply chain, such as a vendor or a company you work with on projects. While you may not know where or when a cyberattack or natural disaster will occur, a little prevention can help protect your business from the worst.

Russ Hensley, CEO of Hensley / Elam, is a Certified Information Systems Security Professional (CISSP) with over a decade of direct experience in security consulting in finance, healthcare, legal and other industries. He also has over 26 years of general IT experience running one of the largest computer service companies in Kentucky. Visit www.hea.biz for information.




