Whats effective cyber security practice?

Risk management

You need to know what info you hold and why you hold it. Is it sensitive? Do you review who has access to the most sensitive data? Do you understand your possible vulnerabilities? 

Data Encryption

Protect your sensitive data. Do you use systems to encrypt and protect your critical data from unauthorised access?

Disaster Recovery

Backup you critical systems and data, and test the back up process. Do you know if you are able to restore services in the event of an attack?

Network and computer security

Keep systems, software and apps up-to-date and fully patched. Do you make sure your computer network is configured to prevent unauthorised access?

User and device credentials

Ensure your staff use strong passwords when logging on to hardware and software. Change the default Administrator credentials for all devices. Do you use two-factor authentication where the confidentiality of the data is most crucial?

Awareness

People are an integral part of the cyber security chain. Do you educate your staff on cyber security risks?

Accreditation

Gaining a recognised accreditation, such as Cyber Essentials, could improve the security of your firm. Do you align your firm to a recognised cuber scheme?

Information Sharing

Sharing threat information with your peers, though networks such as the Cyber Security Information Sharing Partnership (CiSP), is a vital tool in strengthening your cyber defences. Are your a member of any information sharing arrangement?

Related:

• Phishing scam awareness & staff training
• Is your business protected by multi-factor authentication (2FA)? It needs to be
• Tips for protecting your business against phishing scams – PART 1