Wednesday, 13 September 2017

10 steps to Cyber Security

The National Cyber Security Center have posted  their 10 Steps to Cyber Security which provides a good working baseline for all businesses:

  1. Setup a Risk Management Regime relating to your IT systems supported at a senior level
  2. Network Security - ensure your perimeter is secure
  3. User education and awareness - don't assume; ensure that all your staff have the level of instruction and training required to keep them safe
  4. Malware Prevention - ensure you have the required and up-to-date anti-malware installed on every device or a centralized system
  5. Removable Media Controls - ensure that random USB flash drives and external hard drives are controlled and managed on your network
  6. Secure Configuration - make sure that all software is patched and that a system inventory is maintained
  7. Managing User Privileges - setup permissions and shares to only allow users access to what they need for their role and no more  
  8. Incident Management - report incidents to the appropriate police authority - RCCU (Regional Cyber Crime Unit West Midlands) - and ensure internal reporting is carried out
  9. Monitoring - establish procedures for the handling and management of incidents
  10. Home and Mobile Working - develop procedures for this and enforce it. Protect data at rest and in transit.
If you are a business that uses and relies on IT then these 10 steps are the basics of what you should be putting in place or if you're not sure how to establish or implement then contact a reputable IT company such as ours to help, advise and carry out what you can't.