Top 10 Security Spring Cleanup Tips - InformationWeek
IoT
IoT
Government // Mobile & Wireless
Commentary
3/1/2011
08:46 PM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%
RELATED EVENTS
Moving UEBA Beyond the Ground Floor
Sep 20, 2017
This webinar will provide the details you need about UEBA so you can make the decisions on how bes ...Read More>>

Top 10 Security Spring Cleanup Tips

The change of seasons offers a good time to take a look at your security posture -- and especially any vulnerabilities that may have cropped up.

The change of seasons offers a good time to take a look at your security posture -- and especially any vulnerabilities that may have cropped up.The rapidly approaching first day of spring (no matter what it looks like outside your window at the moment), offers one of those seasonal markers that can be helpful in scheduling regular, ongoing security review.

A Top 10 List Of Items for review as the seasons change would include:

  • All antivirus and other security progress fully updated, with auto-updates set to keep them so.
  • All software fully patched, with procedures in place for ensuring that patches and updates remain current.
  • All antivirus and related programs fully licensed and paid-to-date; if using Security as a Service, review provider agreements. More subjectively, review your satisfaction with your SaaS provider. This is a good point to review your security budget as well.
  • Insist on password change for all employees, with strong passwords required.
  • Review all employee e-mail accounts and log-ins for appropriateness (which employees need access to which information?), as well as ensuring that departed employees' accounts have been closed.

  • Tighten perimeter defenses, changing router passwords, and ensuring that router is also up-to-date and effective.
  • Review employee usage policies with employees, reminding them that policies are to be followed scrupulously.
  • Audit all mobile devices that employees use for business purposes, ensuring that business information is only stored on mobile devices that are secure, and even then, only when absolutely necessary.
  • Test backup and recovery plans and procedures to ensure that you're ready tor recover quickly should a disaster strike.
  • Don't neglect physical security -- are all doors and windows equipped with strong locks and alarm systems? Does your facility include smoke and other detectors? Do business papers only hit the trash after being shredded?

You've undoubtedly got a number of other items that would fit nicely on such a checklist, some of them specific to your business and its operations and practices. Add them and start working through the list.

Taking advantage of the change of seasons to also check -- and, where needed, change -- your security profile, posture and practices gives you a four-time a year improvement of the odds that your business not only is secure, but also that it will stay secure.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll