Sacramento’s Premier IT Support & Security Specialists | Blog | Contact
Contact Us: 916-366-6566
Please provide them
Please provide them
Have they been tested within the last 2 years?YesNo
If Yes, please provide evidence of test.
Please provide the latest server & workstation backup report you have
Do you utilize both encryption for data at rest, as well as for data in transit?YesNo
Please detail what cloud service you use to store PHI/PII
Instructor Led TrainingReading MaterialsPhishing Training/Simulations
What is the frequency of the training?
Have you performed a PCI DSS compliance audit of your site?YesNo
Please provide the latest vulnerability scan report
Does your RMM tool retain any of the following logs?
Patching LogsAV/AM LogsAccess Logs
Recommendation:Anonymous event monitoring is a type of advanced network security provided by a SIEM solution. A SIEM will review all network logs in real time to notify IT staff of incidents as they are happening. Modern day networks have hundreds of different devices that connect and manage the network. Being able to review all of their logs in real time can drastically improve time to action for IT Security professionals.
Recommendation:Similar to Windows updates themselves, 3rd party applications also frequently release updates (Adobe Reader, Java, Slack, Notepad++, etc.). To keep your systems secure it is important to update these programs in a timely manner. CNS can help with this by taking over management of your 3rd party application updates and automating them.
Recommendation:Dumpster diving is a real threat when documents are not properly disposed of. Any documents that contain sensitive data (IP, PII, PHI, Credit Card data, etc.) need to be fully destroyed before disposal. Disposal can be done via an approved cross shredder or through a 3rd party disposal service. Often times disposal services will provide a certificate of destruction as well.