5 Tips for Creating a Cybersecurity Plan for Your Business
From the Desk of:
CCR Technology Partners, Inc.
October is Cybersecurity Awareness Month, a perfect time to focus your efforts on creating, developing and implementing a solid cybersecurity plan for your organization. Let’s take a look at five “must do’s” to improve your organization’s cyber security.
1. Develop a Strategy
When creating your cybersecurity plan, it is imperative cyber security concepts are embraced from the highest reaches within the organization. Without management’s buy-in, any efforts on the part of the IT team will only be half-measures, doomed to failure.
Your internal process must start with an open dialogue between business managers and their rank and file. Everyone within the organization must fully understand the depth and seriousness of cybersecurity and the potential ramifications of an event. Everyone in the organization plays a role, from the President/CEO all the way down to the custodian.
This is a multi-level game and very much a team sport. It’s a combination of 3-dimentional chess meets pro football. Collaboration is key and greatly improves your odds for a successful outcome.
You can increase your odds even more by bringing in an outside IT consulting firm like CCR Technology Partners, to perform a cyber security audit of your network environment. We can identify a number of weak areas needing attention, thereby rocketing your cybersecurity strategy into high gear.
2. Employ a “Layered” Approach
While many are aware of the need to implement an enterprise-level firewall and antivirus software…this is just the starting point. There are many more layers which must be taken into consideration. Everything from who has physical access to the building, to those who access the network remotely, and everything in between. Here are some questions which will help you identify weak to non-existent “layers”:
- Who are the employees (and possibly non-employees) connecting to our network remotely?
- When was the last time we scrubbed Active Directory?
- How secure is our firewall and has it been properly programmed?
- What A/V solution are we using and when was the last time it was updated?
- How about wireless access, remote access and even access to the server room?
- What about cell phones, laptops, tablets, Fit Bit watches and other employee-owned wireless devices?
- What is our policy regarding employee internet access?
- Is it spelled out in the employee manual?
- What are we doing about employee training?
These questions are just the starting point. A well thought out defensive plan, encompassing all areas of the operation go a long way towards greatly improving cybersecurity.
3. Keep All Patches and Updates Current
Most, if not all hardware and software vendors are constantly pushing out “updates”. Those patches and updates are designed to strengthen your network security and to eliminate any recently uncovered vulnerabilities in hardware, software and/or applications running your business. It is imperative that your IT team consistently maintain and apply these updates. Missed updates are a recipe for disaster. It’s the same thing as leaving your front door unlocked while on vacation.
4. The Human Firewall
One of the most often overlooked weapons in your cybersecurity arsenal is continuing education for employees. Eighty-six percent of all malicious hacks start thru a social engineering vector of one form or another. This places your employees on the front lines, taking incoming fire from cyber threats such as phishing emails, rogue websites and forms of psychological manipulation. There are at least 16 different vectors which can wreak havoc on a business owner. Arm your employees with knowledge. Education of the human firewall is one of the best defenses you can deploy.
5. Create and Enforce Password Rules
Another item for your company employment manual would be a section regarding password expectations. From how they are created, to how often they are changed, to where they are stored – passwords play a critical role in protection from cyber threats. (Helpful hint: Shared departmental or multi-user passwords are a definite no-no.)
The ideas and recommendations outlined above are just a few of the areas needing scrutiny to create a proactive cybersecurity strategy. At CCR Technology Partners, our goal is to establish a protective, cybersecurity dome over your entire operation, thus keeping your printing presses printing money.
Remember, being proactive is a position of strength. Being reactive is a recipe for disaster. Once ransomware has locked your systems, it’s too late.
For more help with your proactive cyber security initiative, feel free to reach out to me. I’ll be happy to help!
CCR Technology Partners, Inc.
(317) 842-1754 ext 5201 or firstname.lastname@example.org
See us on the web at https://goccr.com
See us on Facebook https://facebook.com/goccr
“We help our clients
Simplify, Innovate & Succeed”
Looking for a solution?
Helpdesk: (317) 288-7229 | Office: (317) 842-1754