The following is a checklist of questions as a starting point for securing the valuable data your small business manages.
- Where will your data be Stored?
- How secure is your data? What security protocols are in place, so you’ll feel comfortable that breaches are less likely? Is it too easy for you to log on and get to the data? What encryption is used to protect the Data during transmission and at rest?
- Do you perform regular backups? Be sure you know how often your data is backed up and how the company ensures there is more than one Backup, and that there are clean Backups not infected with malware.
- How we can recover our digital assets from the Incident with less impact on our day to day operation with simple backup Practices?
- How fast can a backup be restored? It’s a misconception that having a good backup means systems can come back to a functioning state in just a click of a button. It is recommended doing backup drills just like you do fire drills. When your business is closed, have your cloud provider restore your system from backup and see how long it takes.
- How frequent are your service outages and how long do they last? If you don’t have access to your data, your business may experience downtime. You can calculate the cost of downtime per hour by just adding labour costs per hour to the revenue lost per hour. How much downtime can you afford?
In-short we must answer these questions
How much time do we have to get services running after an incident?
What is an acceptable amount of data loss?
When was the last time we test our backup by restoring?
IT Security should be a priority for all the companies and no company can be 100% protected from security threats. Here is an Audit Checklist to help small Business for a security Assessment.
Keep Your Operating Systems Updated:
Your operating system needs to be set for automatic updates whether you run on Windows or Mac. Turning off computers at nighttime or rebooting promotes the installation of updates. System updates are especially important for server operating systems where all patches and updates need be reviewed and updated on a recurring schedule.
Antivirus Updates :
Firms need to ensure that anti-virus programs are updated frequently and devices are scanned on a set schedule in an automated fashion into a workstation. In larger companies, workstations should be configured to report the status of the antivirus updates to a centralized server which can push out updates automatically when required.
Firewall setup :
Serving as a gatekeeper between your company’s servers and also the outside world – firewalls keep external threats out whereas alerting you by diverting outgoing information. Having an effective business class firewall is important for cyber security.
Have a strong password policy:
Encourage passwords with least eight characters with a combination of upper and lower case letters, numbers and special characters.
Use Automatic Screen Lock:
When a digital computer or mobile device has been idle for some minutes it should be set to automatically lock the screen to stay prying eyes out of the system.
Connect securely to the firm’s information resources either by utilizing a VPN or other secure connection. Do not do any confidential work on public WiFi and only connect to WiFi for firm work if it is sure to be authentic.
Encrypt Backup Data:
Firms should encrypt any backup media that leaves the office and validate that the backup is complete and usable. Firms should frequently review backup logs for completion and restore files randomly to confirm they’ll work once required.
Dispose of Data/Equipment Properly:
All physical files and draft documents with personally identifiable information that is no longer needed should be securely disposed. Workstations and different mobile equipment used for processing client information should be totally reformatted.
At least keep 3 copies of your Digital Assets
Store the backup data in 2 different storage devices
Always Keep one backup copy offsite or in Trusted Cloud
Reach out to the experts or email
We are happy to help!