Your 10 steps to Cyber Security

Just how secure is your business from a cyber security breach? Opportunists are constantly looking for opportunities or weaknesses in an organisation's defences. New technologies are increasingly available to improve your business operations, helping you work more efficiently and keep your business-critical data protected against cyber threats. Here are our ten steps your business should be looking at, for starters.

1. Network Security

Protect your networks from attack. Defend the network perimeter, filter out unauthorised access and malicious content. Monitor and test security controls.

2. Malware Protection

Produce relevant policies and establish anti-malware defences across your business.

3. Removable Media Controls

Produce a policy to control all access to removable media. Limit media types and use. Scan all media for malware before importing it onto the corporate system.

4. Secure Configuration

Apply security patches and ensure the secure configuration of all systems is maintained. Create a system inventory and define a baseline build for all devices.

5. Risk Management Regime

Assess the risks to your business information and systems by embedding an appropriate risk management regime. Ensure that all employees, contractors and suppliers are aware of the approach and any applicable risk boundaries.

6. Managing User Privileges

Establish effective management processes and limit the number of privileged accounts. Limit user privileges and monitor user activity. Control access to activity and audit logs.

7. Incident Management

Establish an incident response and disaster recovery capability. Test your incident management accounts. Provide specialist training. Report criminal incidents to law enforcement.

8. Monitor

Establish a monitoring strategy and produce supporting policies. Continuously monitor all systems and networks. Analyse logs for unusual activity that could indicate a possible threat.

9. User Education and Awareness

Produce user security policies covering acceptable and secure use of your systems. Include the training of your staff. Maintain awareness of cyber risks.

10. Home and Mobile Working

Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline and build to all devices. Protect data both in transit and at rest.
