The change of seasons offers a good time to take a look at your security posture -- and especially any vulnerabilities that may have cropped up.
The change of seasons offers a good time to take a look at your security posture -- and especially any vulnerabilities that may have cropped up.The rapidly approaching first day of spring (no matter what it looks like outside your window at the moment), offers one of those seasonal markers that can be helpful in scheduling regular, ongoing security review.
A Top 10 List Of Items for review as the seasons change would include:
All antivirus and other security progress fully updated, with auto-updates set to keep them so.
All software fully patched, with procedures in place for ensuring that patches and updates remain current.
All antivirus and related programs fully licensed and paid-to-date; if using Security as a Service, review provider agreements. More subjectively, review your satisfaction with your SaaS provider. This is a good point to review your security budget as well.
Insist on password change for all employees, with strong passwords required.
Review all employee e-mail accounts and log-ins for appropriateness (which employees need access to which information?), as well as ensuring that departed employees' accounts have been closed.
Tighten perimeter defenses, changing router passwords, and ensuring that router is also up-to-date and effective.
Review employee usage policies with employees, reminding them that policies are to be followed scrupulously.
Audit all mobile devices that employees use for business purposes, ensuring that business information is only stored on mobile devices that are secure, and even then, only when absolutely necessary.
Test backup and recovery plans and procedures to ensure that you're ready tor recover quickly should a disaster strike.
Don't neglect physical security -- are all doors and windows equipped with strong locks and alarm systems? Does your facility include smoke and other detectors? Do business papers only hit the trash after being shredded?
You've undoubtedly got a number of other items that would fit nicely on such a checklist, some of them specific to your business and its operations and practices. Add them and start working through the list.
Taking advantage of the change of seasons to also check -- and, where needed, change -- your security profile, posture and practices gives you a four-time a year improvement of the odds that your business not only is secure, but also that it will stay secure.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.