Cyber Best Practices

Many national and professional organizations have published lists of security best practices. The following is a list of some security best practices:

• Perform Risk Assessment – Knowing the value of what you are protecting will help in justifying security expenditures.
• Create a Security Policy – Create a policy that clearly outlines company rules, job duties, and expectations.
• Physical Security Measures – Restrict access to networking closets, server locations, as well as fire suppression.
• Human Resource Security Measures – Employees should be properly researched with background checks.
• Perform and Test Backups – Perform regular backups and test data recovery from backups.
• Maintain Security Patches and Updates – Regularly update server, client, and network device operating systems and programs.
• Employ Access Controls – Configure user roles and privilege levels as well as strong user authentication.
• Regularly Test Incident Response – Employ an incident response team and test emergency response scenarios.
• Implement a Network Monitoring, Analytics and Management Tool - Choose a security monitoring solution that integrates with other technologies.
• Implement Network Security Devices – Use next generation routers, firewalls, and other security appliances.
• Implement a Comprehensive Endpoint Security Solution – Use enterprise level antimalware and antivirus software.
• Educate Users – Educate users and employees in secure procedures.
• Encrypt data – Encrypt all sensitive company data including email.