Today’s attacks are spreading faster, evolving quicker, and evading even the most widely used security solutions. But that doesn’t mean you can’t fight back. Get practical recommendations for preventing and mitigating the latest attacks with this free checklist below.
Formulating your cyber security checklist
When implementing successful cyber security there is a whole plethora of things to consider. We created a list of relevant steps that you may want to incorporate into your own checklist in order to make sure that your company has all the necessary precautions in place.
Physical data security
- Physically secure data – probably the most basic measure to protect your sensitive information is to make sure that physical access to this information is restricted. Make sure that your servers are inaccessible not only to visitors of your office (or random people for that matter), but also to your own employees with insufficient clearance. If you’re using IaaS or simply renting infrastructure from a datacenter, then this is not really your concern, but if you’re owning and hosting your own physical servers, then it is necessary to make sure that they are sufficiently protected.
- Physically secure network access points. However, protecting servers is not enough. You must also make sure that access points for your inner corporate network are secure. This includes not only obvious things like employee workstations, but even things like company Wi-Fi and Ethernet outlet. If you’re allowing guests to use your company Wi-Fi, make sure that they have no access to your inner network and make sure that your router and other devices have unique non-default passwords. Any access point is vulnerable, and thus its security needs to be taken seriously.
- Conduct employee background checks. Your own employees can pose the greatest threat to security of your company data. It is important to take potential insider threats into account and take measures to combat them. The first and most obvious thing you can do is thorough background checks. Checking background information on your employees does not require a lot of effort. This may be something as simple as googling their name and calling their previous workplace to confirm the information they’re given to you. Such a simple background check will not protect you from insider threats 100%, but it will allow you to filter out the most obvious offenders.
How Protected Are You?
- Establish regular backup practice. Regular backups should be conduct by any company regardless of what data they have and how vulnerable they are to an attack. Backups not only allow to protect the system from certain attacks that are otherwise very hard to deal with (such as ransomware), but also serve as a way to restore the system after an insider attack or an accident. It is very important to make sure that your backups are always up to date.
- Store backups in a secure manner. Backups should be conducted and stored in a secure manner. It is best to assign several different people to collaborate on a backup process. This greatly diminishes risks due to malicious insiders (as people are less likely to conduct malicious actions or abuse their access when collaborating with other), and it also makes sure that the backup process is performed correctly. You also want to encrypt your backups and store them in an inaccessible location separately from your main network, thus ensuring that they will not be compromised in case of a breach.
- Maintain component protection. One of the most basic ways to provide network security is to protect the integrity of each of its components. It means that every device that constitutes your corporate network, such as all your routers, should be physically inaccessible, but also protected by a complex unique non-default password.
- Encrypt communications. All communications inside your network should be encrypted. It is also a good idea to encrypt all incoming and ongoing traffic as much as possible. Such encryptions will protect data from being intercepted by a man in the middle attack, or stolen by a perpetrator that is already inside your network.
- Monitor traffic. There are a lot of ways to keep tabs on your traffic, including built-in system features and specialized traffic monitoring solutions. Traffic monitoring allows to detect suspicious network activity, for example malware, that communicates your sensitive data to the outside. It can also prove very valuable in the event of an investigation.
- Maintain redundant connections for critical systems. Another important measure that is relates to general reliability of your system just as much as its security is to make sure that there are redundant connections for critical systems in place. This will allow you to keep your network up and running in case it is compromised and may serve as a way to circumvent certain types of attacks, such as denial of service attacks.
A brief insight into cyber-security threats
With thanks to Systems Engineering for the upload.