Take our free online cybersecurity assessment. Approximate time to complete: 4 minutes.
Have you determined who should and should not have access to the business’ information
Do you perform a full background check on all prospective associates/employees?
If so, does this include drug, credit, arrest histories?
Are new associates/employees trained on information security expectations?
Does the training cover awareness, risks and legal?
Do you have InfoSec policies in place?
Are you actively managing your systems including patching/updates and enforcing policies
for permitted applications?
Are you enforcing WiFi security, such as WPA2 or better?
Are you using a secure VPN (wifh MFA or IPSEC) for remote access to your data?
Are you filtering emails and URLs and keeping employees away from phishing attacks and
disallowed websites while at work?
Are you using any advanced endpoint protection or are you simply running anti-virus?
Does your business have a firewall?
Is it still supported by the manufacturer?
Is it actively updated and managed on a regular (every 3 months or sooner) basis?
Does it have an advanced security services subscription?
Does your business have any compliance or regulatory requirements that you need to meet?
Do you have a detailed business incident response plan in the event you experience a
cyber security breach as well as a communication plan with clients and vendors should
such an event occur?
Have you developed a strategy covering your business’ crucial data to meet the RTO
(recovery time objective) & RPO (recovery point objectives) needs of the business?