Network, cyber and even physical security need to be woven into all aspects of a business. There are many layers of security, and they all need to be addressed by all businesses. Here are some of the ideas that will help with this:
Businesses need cybersecurity insurance, but they also need the assistance of someone who can help them accurately answer the questions on the forms they get from the insurance company.
Businesses need to identify all critical data that they have. This will allow them to better protect it and be compliant with various state / federal standards.
Data needs to be secured using modern encryption, local backups, offsite backups, redundant storage, and proper destruction of old data.
Secure your applications by patching and monitoring both the applications and the Operating System (OS).
Use a next-generation antivirus and make sure it is always running. Use an application whitelisting and ringfencing solution to keep the vulnerable and dangerous components of your systems from being used against you in a cyber-attack. Use security software capable of detecting active threats. Use security software that is centrally managed and always monitored. Buy business-class hardware to make sure things like TPM chips are included.
Utilize DNS filtering / sanitation to keep traffic from ever going to bad sites. Patch switches and routers. Collect and monitor logs from all devices and scan the network for threats. Use a Security Operations Center (SOC) with certified analysts and Incident Response specialists for 24/7 monitoring of the antivirus and network monitoring software. Make sure visitor and personal device wireless networks are segmented from the internal network. Use the latest encryption and security for wireless networks.
Make sure you have advanced firewall protection at both the office network level and for each computer working remotely. Solutions need to cover firewall anti-spam, firewall antivirus, firewall firmware updates, VPN, intrusion detection, firewall logging, DMZ, intrusion prevention, deep packet inspection, stateful firewall, application filtering, Internet failover, and firewall security rating.
Multi-Factor Authentication (MFA) needs to be present on basically all accounts. Rotating unique passwords on a regular basis, along with a state-of-the-art password vault, is also essential.
The more you train your employees, the lower the risk to the business. Test your employees and your IT staff. Test IT systems via Penetration Tests (Pen Tests) and vulnerability tests. Many of these items can be packaged in with other items and can be quite affordable, but they need to be properly managed.
App control
Antivirus
Firewall
VPN
Intrusion prevention
Advanced threat protection
Web filtering
DLP
Anti-spam
Sandbox