Simple, Safe Steps to Cyber Security | Creating A Secure Network
Many small businesses run a large part of their business over the Internet without any security features. Being online opens the door to potential risks and rewards. This document provides an overview on how to protect your organization’s information and networks in event of a cyber-attack.
Simple safe steps are provided to educate your staff about information security practices.
Security must become a part of the organization’s culture.
Cyber security and profitability goals need to be closely aligned and clearly communicated by elevating the conversation and educating staff about risks affecting the business..
Evaluate and manage cyber security threats.
Identify critical assets and the financial, competitive, reputational and or regulatory impact and exposure to the organization. Identify and develop policies and strategies to manage cyber risks to an acceptable level.
Implement a risk based approach, compliance alone isn’t enough.
A risk based approach will produce a comprehensive and cost effective management of cyber risks than compliance activities alone. Compliance requirements help to establish a good cyber-security baseline to address known vulnerabilities.
Cybersecurity is NOT implementing a checklist of requirements – it’s day to day policies and procedures that are the strategic framework of the organization. Managing these threats is constant and ever changing.
Response Plans and Procedures. Incident response plans must be tested regularly to enable timely response and minimize potential damage. Identify strategic threats by analyzing, aggregating, and integrating risk data from various sources and sharing insights with partners in order to improve the security framework.
Cyber threats constantly evolve with increasing intensity and complexity potentially causing costly downtime to on going business operations and supply chain. Compromised intellectual property and customer data may result in reputational damage to the organization’s credibility and trust.
BASIC STEPS TO CREATING A SECURE NETWORK
Antivirus software is a Must
Antivirus software detects and removes malware, including adware and spyware, and filters out potentially dangerous downloads and emails.
Firewall Administrative Settings
Protect your network by restricting access to select websites. Configure setting to block staff from sending proprietary data and specific types of emails outside of your network. Administrative access should be limited to key personnel and IT staff.
Create a Cyber Security Framework
Develop a clear security policy plan that designates which individuals have access to which types of sensitive information. Provide clear direction as to how staff and vendors must process critical proprietary and client data.
Back up Essential Data Every Day
Back up your organization’s data automatically, using a combination of cloud and off-site backup.
Encrypt All Data
Encryption is essential to protecting personal identifiable information (PII). Data is rendered useless without authorized access codes.
Update Wi-Fi Network
Wi-Fi Protected Access version 2 (WPA2) is widely recognized as the most current and secure encryption available.
Mandate Security Polices for Mobile Devices
Remotely track devices SIM card, back up data and remotely lock devices that are lost or stolen. Mandate employees create passwords for their devices and report security breaches.
The Department of Homeland Security (DHS) is responsible for safeguarding our Nation’s critical infrastructure from physical and cyber threats that can affect our national security, public safety, and economic prosperity.
For more information, please visit: www.dhs.gov/cyber.
To report a cyber incident: https://forms.us-cert.gov/report/or (888) 282-0870