Sacramento’s Premier IT Support & Security Specialists
Contact Us: 916-366-6566
Recommendation: CNS recommends maintaining a comprehensive list of all company vendors with their contact information, point of contact, the access they hold (accounts, VPN, remote-support tools, API keys), and SLA terms. This saves valuable time during an incident, since you will not need to hunt for the right contact, and the same list should be consulted when a vendor is dismissed to make sure every access they held is actually removed.
Please provide them
Recommendation: Security policies are the guidelines that state management's intentions for securing its physical and information assets. They also provide guidance on acceptable use of those assets and the ramifications should the policy not be followed. CNS can provide IT security policy documents to your company on request.
Recommendation: Asset documentation helps a company assign a value to its core assets. Should a core asset become unavailable due to an incident, the productivity and monetary impact to the company should already be understood rather than discovered during the outage. CNS recommends creating a written asset management document detailing the function of each asset, its owner, and the impact to the company should the asset become unavailable.
Have they been tested within the last 2 years? Yes / No
If Yes, please provide evidence of test.
Recommendation: Business Continuity Plans are pre-drafted, pre-determined protocols for how your organization will overcome a business disruption caused by an emergency. Containing a serialized checklist of risk-mitigating actions to take, business continuity planning addresses both natural and human-caused disasters that can bring operations to a halt. A plan that has never been exercised cannot be relied on, which is why the question above asks for evidence of a test. CNS can help by providing a generic BCP that your company can adapt to fit your organization.
Please provide the latest server & workstation backup report you have
Recommendation: A backup policy helps an organization manage its expectations and provides specific guidance on the “who, what, when, and how” of the data backup and restore process. The policy should state who is responsible for managing backups and confirming they complete successfully, who can access the backups, how long data is retained, and how often restores are tested; a backup that has never been restored is not a verified backup. CNS can assist in providing a standard backup policy that can be adjusted to fit your needs.
Do you utilize encryption both for data at rest and for data in transit? Yes / No
Please detail what cloud service you use to store PHI/PII
Recommendation: CNS recommends implementing encryption both at rest and in transit for any company that sends, receives, or stores PHI or PII. Under the HIPAA Security Rule (45 CFR 164.312), encryption of electronic PHI at rest and in transit is an addressable implementation specification: a covered entity must implement it or document why it is not reasonable and what equivalent measure is in place instead. In practice encryption is the expected control, and it matters for breach handling: unencrypted PHI on a lost or stolen device is a reportable breach, whereas PHI encrypted in line with HHS guidance falls under the breach-notification safe harbor.
Instructor Led Training / Reading Materials / Phishing Training/Simulations
What is the frequency of the training?
Recommendation: It is essential to ensure your employees are trained on the constantly changing security threats and how to avoid them. CNS provides both online training courses and phishing simulations to help employees learn what to watch for and how to avoid phishing scams.
Recommendation: It is best practice to keep a listing of all user accounts so you can make sure no account retains access after an employee leaves. CNS maintains user lists through several different sources, including Active Directory, Azure Active Directory, and N-Central. It is important to notify us when a user's status changes so we can make the appropriate modifications to that user's access.
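One way to run the account review the recommendation describes, as an added example that is not CNS's or the page's own code: compare an HR termination list against the enabled accounts in Active Directory and flag both terminated users whose account is still enabled and enabled accounts that have not logged on in 90 days. The CSV path, its column names, the 90-day threshold, and the use of the RSAT ActiveDirectory module are assumptions for this example.

```powershell
# Added example (not from CNS or the original page). Assumes the RSAT
# ActiveDirectory module and an HR export at the assumed path/format below.
Import-Module ActiveDirectory

$TerminatedCsv = 'C:\HR\terminated_users.csv'   # assumed columns: samAccountName,TermDate
$StaleDays     = 90
$Cutoff        = (Get-Date).AddDays(-$StaleDays)

# Every enabled account, with the attributes the review needs.
$Enabled = Get-ADUser -Filter 'Enabled -eq $true' -Properties LastLogonDate, whenCreated

# (a) Terminated users who still have an enabled account.
$Terminated   = Import-Csv $TerminatedCsv
$StillEnabled = foreach ($t in $Terminated) {
    $acct = $Enabled | Where-Object SamAccountName -eq $t.samAccountName
    if ($acct) {
        [pscustomobject]@{
            SamAccountName = $acct.SamAccountName
            TermDate       = $t.TermDate
            LastLogonDate  = $acct.LastLogonDate
            Finding        = 'Terminated user still enabled'
        }
    }
}

# (b) Enabled accounts with no logon in $StaleDays days. LastLogonDate comes
# from lastLogonTimestamp, which replicates only every ~14 days, so treat it
# as approximate. Accounts that never logged on have $null and are reported
# when the account itself is older than the cutoff.
$Stale = $Enabled | Where-Object {
    ($_.LastLogonDate -and $_.LastLogonDate -lt $Cutoff) -or
    (-not $_.LastLogonDate -and $_.whenCreated -lt $Cutoff)
} | ForEach-Object {
    [pscustomobject]@{
        SamAccountName = $_.SamAccountName
        TermDate       = $null
        LastLogonDate  = $_.LastLogonDate
        Finding        = "No logon in $StaleDays days"
    }
}

$Findings = @($StillEnabled) + @($Stale)
$Findings | Sort-Object Finding, SamAccountName | Format-Table -AutoSize

# Remediation is deliberately a separate, reviewed step. Disable rather than
# delete so group memberships and the mailbox survive for investigation:
# $StillEnabled | ForEach-Object { Disable-ADAccount -Identity $_.SamAccountName }
```

The same report should be produced for the other sources named above (Azure Active Directory, N-Central), because an account disabled in AD can still be live in a cloud directory or an RMM console.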
Recommendation: Background checks should be performed on an annual basis, as many changes that could affect your business through an employee's behavior may not be visible to you. CNS recommends that you update your background check policy, notify your employees, and perform background checks annually.
Recommendation: CNS recommends that if employees have access to company data on mobile devices, those devices be protected by an MDM solution, so that a lost or stolen device can be remotely wiped and company data kept separate from personal data. CNS uses Microsoft Intune to manage devices and can assist you in deploying it.
Recommendation: Multi-factor authentication should be enabled on all critical systems for every user who has access to them. An account protected with MFA can remain unbreached even if its username and password have been compromised, because the attacker still lacks the second factor. Prefer phishing-resistant methods (FIDO2 security keys or passkeys, or at least authenticator-app number matching) over SMS codes and plain push approvals, which can be defeated by SIM swapping and push-fatigue attacks.
Have you performed a PCI DSS compliance audit of your site? Yes / No
Recommendation: If you perform any e-commerce on your network, CNS recommends that the site be secured with a TLS certificate (still commonly called an SSL certificate) and that it be consistently audited for PCI DSS compliance. PCI DSS is the information security standard for organizations that store, process, or transmit payment card data.
Recommendation: Anti-spam solutions are important both to reduce the volume of unnecessary and unwanted email and to block malicious email before it reaches your users' inboxes.
Recommendation: Advanced email security suites offer protection beyond traditional anti-spam / anti-malware filtering. Features such as impersonation protection and sandboxing of links and attachments greatly increase the security of email systems.
Recommendation: CNS recommends that any time private or sensitive information needs to be emailed, it be sent as an encrypted email. An encrypted email protects the contents of the message from being viewed by unauthorized third parties.
Recommendation: DLP prevents the accidental (or intentional) disclosure of private/sensitive data. By configuring DLP rules and thresholds, an organization chooses what happens when an outgoing email, OneDrive, or SharePoint share attempts to send sensitive content to a third party: the content can be blocked, encrypted, or otherwise locked down. CNS recommends implementing a DLP solution if your organization works with any type of sensitive information (PHI, PII, credit card data, corporate IP, etc.).
Recommendation: Firewalls are used to block unauthorized incoming traffic to your network. CNS recommends that firewalls be configured with a default DENY ALL rule for incoming traffic, with explicit allow rules only for the few services that must be reachable from outside. With very few exceptions, nothing from outside should be allowed into the network unless it is the return traffic of a connection that originated inside the corporate network, which a stateful firewall tracks automatically. Additionally, we recommend enabling logging on the firewall so that access and configuration changes can be audited, and reviewing the allow rules periodically so that temporary exceptions do not become permanent.
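The same default-deny posture applies to the host firewall on each server, and it is the easiest place to show it concretely. The following is an added example, not CNS's or the page's own code, that sets the Windows Defender Firewall to drop unsolicited inbound traffic, logs what it blocks, adds one narrow exception, and then lists every inbound allow rule that is still open to any remote address. The management subnet 10.10.0.0/24 and the rule name are assumptions for this example.

```powershell
# Added example (not from CNS or the original page). Run elevated on the
# server being hardened; the 10.10.0.0/24 management subnet is assumed.

# 1. Default posture for all three profiles: block unsolicited inbound, allow
#    outbound, and log dropped packets so blocks can be audited later.
#    Return traffic for outbound connections is allowed by the stateful engine.
Set-NetFirewallProfile -Profile Domain, Private, Public `
    -Enabled True `
    -DefaultInboundAction Block `
    -DefaultOutboundAction Allow `
    -LogBlocked True `
    -LogAllowed False `
    -LogFileName '%SystemRoot%\System32\LogFiles\Firewall\pfirewall.log' `
    -LogMaxSizeKilobytes 32767

# 2. One explicit exception: RDP, and only from the (assumed) management subnet.
New-NetFirewallRule -DisplayName 'Allow RDP from management subnet' `
    -Direction Inbound -Protocol TCP -LocalPort 3389 `
    -RemoteAddress 10.10.0.0/24 -Action Allow -Profile Domain

# 3. Audit: enabled inbound allow rules whose remote address is unrestricted.
#    These are exactly the rules a default-deny policy should keep to a minimum.
$WideOpen = Get-NetFirewallRule -Enabled True -Direction Inbound -Action Allow |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        $port = $_ | Get-NetFirewallPortFilter
        if ($addr.RemoteAddress -contains 'Any') {
            [pscustomobject]@{
                Name      = $_.DisplayName
                Profile   = $_.Profile
                Protocol  = $port.Protocol
                LocalPort = ($port.LocalPort -join ',')
            }
        }
    }
$WideOpen | Sort-Object Name | Format-Table -AutoSize
```

On a perimeter firewall the same three steps apply: set the default inbound action to deny, scope each exception to the narrowest source and port that the service needs, and review the log and the exception list on a schedule.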
Recommendation: Wireless access can be very beneficial for organizations with a distributed user base in their headquarters or remote offices. That said, wireless networks must be configured securely so they do not introduce additional attack vectors into your network. Internal and guest networks should be separated (guests reach the internet only, never internal resources), rogue access point scanning should be enabled, and the internal network should use WPA2-Enterprise or WPA3 rather than a single shared pre-shared key that every former employee still knows.
Recommendation: Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are critical for detecting, blocking, and documenting attacks as they happen against your network. An IPS sits inline and can drop malicious traffic; an IDS alerts but does not block. Either way, the records they keep are valuable tools for IT professionals who need to reconstruct the who, what, when, and where of an attack after it has happened.
Please provide the latest vulnerability scan report
Recommendation: Because of the number of devices on a modern network, it can be difficult to stay on top of the latest threats to each of them. This is why vulnerability scanning is so important. A vulnerability scanner reports the known vulnerabilities affecting the equipment on your network, and knowing there is an issue is the first step in resolving it. We recommend recurring vulnerability scans both internally and externally, and where possible authenticated (credentialed) scans, which see installed software and patch levels that an unauthenticated scan cannot. Each report should be compared against the previous one to identify newly disclosed vulnerabilities and confirm that earlier findings were actually fixed.
Does your RMM tool retain any of the following logs?
Patching Logs / AV/AM Logs / Access Logs
Recommendation: RMM tools can be very valuable for IT professionals to efficiently manage endpoints on a network, but they also need to be configured correctly to ensure they do not add vulnerabilities to your network. An RMM agent runs with administrative rights on every endpoint it manages, so access to the RMM console itself should be protected with MFA, and its access logs retained and reviewed alongside the patching and AV/AM logs asked about above.
Recommendation:Reviewing Windows Updates before they are installed is an important step in the patching process. Filtering out updates that do not apply or have known issues associated with them will help to ensure your business systems remain in good working order. CNS recommends reviewing all updates before they are installed to ensure not unforeseen issues will arise. It is also important to deploy updates to a Pilot group before deploying to all production machines. A pilot group will help to identify any issues that may arise from updates and provide time to remediate the issue or deny the update.
Recommendation: Similar to Windows updates, 3rd-party applications also release updates frequently (Adobe Reader, Java, Slack, Notepad++, etc.). To keep your systems secure it is important to apply these updates in a timely manner. CNS can help by taking over management of your 3rd-party application updates and automating them.
Recommendation: Because business data can be accessed from any terminal on the network, it is important never to leave those terminals accessible to wandering eyes. Setting your workstation's screen to lock automatically after a short period of inactivity, and training staff to lock it manually (Win+L) when they step away, helps protect the information on the PC and on the network even when you are away from your desk.
Recommendation: User credentials (usernames and passwords) are the primary line of defense against unauthorized access to organization resources, applications, and data. When credentials are shared, the organization takes on additional risk because it can no longer confirm who performed an action, and it cannot revoke one person's access without resetting the password for everyone who knows it. CNS recommends that every user have a unique username and password for every system. Accounts should never be shared between employees or with external parties.
Recommendation: Endpoint Anti-Virus/Anti-Malware is an important tool for helping to prevent intrusions into your network. These applications scan your local machines for malicious software, phishing attempts, ransomware, and other intrusion attempts. CNS recommends that all workstations and servers on the network run up-to-date AV/AM software, that definition updates are automatic and monitored, and that you maintain an active vendor support agreement with the supplier, since an expired product stops receiving new detections.
Recommendation: Endpoint encryption protects the data on a device by making the contents of the hard drive unreadable without the key. Should a device be lost or stolen, endpoint encryption prevents the malicious party from reading the data on the PC. CNS recommends that all organization workstations be encrypted with up-to-date full-disk encryption software, such as Microsoft's BitLocker. The recovery key for every device should be escrowed (in Active Directory, Azure Active Directory, or Intune) before encryption is turned on, because a lost recovery key turns a protected device into unrecoverable data.
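The order of operations matters here, so the following added example (not CNS's or the page's own code) enables BitLocker on the OS drive the safe way: create the recovery password, escrow it to Active Directory, and only then add the TPM protector and start encrypting. It assumes a TPM, a domain-joined machine, and the "Store BitLocker recovery information in Active Directory Domain Services" policy enabled; on an Azure AD-joined device, BackupToAAD-BitLockerKeyProtector replaces Backup-BitLockerKeyProtector.

```powershell
# Added example (not from CNS or the original page). Run elevated.
$Mount = 'C:'
$vol   = Get-BitLockerVolume -MountPoint $Mount

if ($vol.VolumeStatus -eq 'FullyDecrypted') {
    # 1. Recovery password first, so there is something to escrow.
    Add-BitLockerKeyProtector -MountPoint $Mount -RecoveryPasswordProtector | Out-Null
    $rp = (Get-BitLockerVolume -MountPoint $Mount).KeyProtector |
          Where-Object KeyProtectorType -eq 'RecoveryPassword'

    # 2. Escrow to AD. -ErrorAction Stop: never encrypt a drive whose only copy
    #    of the recovery key is on the drive's owner's desk.
    Backup-BitLockerKeyProtector -MountPoint $Mount -KeyProtectorId $rp.KeyProtectorId -ErrorAction Stop

    # 3. TPM protector and encryption. XTS-AES-256 is the current default
    #    choice; UsedSpaceOnly is fine for a freshly imaged machine, but a drive
    #    that already held data should be encrypted in full (omit the switch).
    Enable-BitLocker -MountPoint $Mount -EncryptionMethod XtsAes256 `
        -TpmProtector -SkipHardwareTest -UsedSpaceOnly
}

# Fleet check: the fields a workstation encryption audit should report.
Get-BitLockerVolume | Select-Object MountPoint, VolumeStatus, ProtectionStatus,
    EncryptionMethod, EncryptionPercentage,
    @{ n = 'Protectors'; e = { ($_.KeyProtector.KeyProtectorType -join ',') } }
```

The audit at the end is what the questionnaire is really after: a device that reports FullyEncrypted but ProtectionStatus Off (protectors suspended) or with no RecoveryPassword protector escrowed is not yet in a defensible state.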
Recommendation: Virtualization of servers can reduce the costs incurred when equipment must be replaced, and it allows the “virtual” hardware assigned to your servers to be scaled as needs change. Note that consolidating many servers onto a small number of hosts concentrates hardware risk rather than removing it: a single host failure takes down every virtual machine on it. Hosts should therefore be clustered or paired with replication, and the virtual machines backed up, so that a hardware failure does not result in data loss.
Recommendation: Dumpster diving is a real threat when documents are not properly disposed of. Any document that contains sensitive data (IP, PII, PHI, credit card data, etc.) must be fully destroyed before disposal, using an approved cross-cut shredder or a 3rd-party disposal service. Disposal services will often provide a certificate of destruction, which should be retained as evidence.