Rising above the Security Poverty Line


    Staying above the security poverty line isn’t just a good idea, it’s also good business. According to the Ponemon Institute’s “2014 Global Report on the Cost of Cyber Crime,” the cost of cyberattacks on businesses has nearly doubled in the last four years. Every business should strive to have strong security and to avoid becoming a statistic.

    Here are our top 12 tips to help a business rise above the security poverty line.

    1. Dedicated Security Budget

    No one should turn down security because it is “too expensive”; security is a process, not a product. Many tasks can be done at the cost of time alone, and even then any budget should have room for IT security.

    2. Achievable Security Goals

    Many businesses feel they lack the resources needed to achieve even basic security, but rarely is that actually the case. Setting realistic and achievable security goals can help combat those beliefs about cybercrime.

    3. In-house Security Expertise

    No, “Google” is not an in-house security expert; however, that can be a great place to start. Simply designating a person as the in-house security expert can help clear a lot of the confusion surrounding who needs to know what.

    4. On the Cutting Edge of Compliance

    Knowing is half the battle. If no one in a business knows the difference between PCI compliance and a PCI port, then they need to be guided to relevant sources of information to keep them up to date.

    5. Collecting Security Policies

    If a business is generally unaware of current recommended security policies, then it likely has few of its own. Rarely is it necessary to start from scratch when it comes to establishing security policies, as adapting current industry best practices can provide quick results.

    6. Authorized Devices Inventoried

    It’s nigh-impossible for a business to secure devices they’re unaware of. Keeping an inventory of authorized devices can help when it comes time for securing all of your endpoints.

    7. Maintained Malware Protection

    Most people know that they need some sort of protection on their systems. Unfortunately, the set-and-forget nature of such solutions often results in systems running out of subscription time, or being left without updates.

    8. Fully Configured Network Devices

    A properly configured firewall can greatly assist in securing a network. An improperly configured firewall may provide less functional security, if any at all, and could potentially expose a network to even greater risk.

    9. Vulnerability Assessments

    Regular vulnerability assessments are like checking that your doors are locked whenever you leave your home. However, unlike a home, a network can have hundreds or thousands of doors, so looking in all the right places is critical.

    10. Employee Security Awareness

    There’s no need to instill a fear of the internet into users, but some relevant statistics and examples from the news can help any employee become more security conscious. A little knowledge goes a long way.

    11. Thorough Password Policies

    For best results, pair a strong password policy with some sort of password management solution. That way it’s possible to minimize the number and difficulty of passwords users need to remember.

    12. Account Monitoring and Management

    What purpose does having a password policy serve if users are sharing accounts or, worse yet, sharing administrator accounts? Account monitoring allows you to track activity like this and lets you put a stop to it.
