Cybersecurity Checklist – Part 2: How do you Manage?
In our last Top 20 of 2020 blogs, we discussed the most basic layer of security you can implement as you build your defense. In this week's blog, we explore the different controls you can put in place to manage your assets, users, and vendors.
Asset Management – Every piece of hardware and software in your business is an asset. Tracking those assets is essential to knowing who has access to what. When an employee leaves your organization, retaining the company assets assigned to that employee is necessary to ensure there is not unauthorized access to company information. Asset management is also helpful if an employee’s device is lost or stolen.
Identity Management – How do you verify the identity of those who access your network? Establishing controls such as two-factor authentication and biometrics can help you verify the identity of someone who is attempting to access your network. Without these controls, you could potentially open your network up to attacks from people claiming to be authenticated users.
Vendor Management – How do you evaluate new vendors? Do you have a formal process in place to evaluate new ones? Implementing a vendor management process provides several benefits, such as cost control, service excellence, and risk mitigation. It also helps your organization meet business objectives. A vendor management process will also allow you to look more closely at your vendors to ensure they are compliant with your information as well.
Incident Management and Problem Handling – How do you respond to incidents within your organization? Incident response and management plans help organizations identify, analyze, and correct problems to prevent them from occurring again. Putting corrective actions into place will help your organization better anticipate problems from re-occurring.
In our next blog in the series, we’ll discuss configuration management, change management, patch management and endpoint security. For more information on how we can help you minimize the risk of a cyberattack, contact us today.