17 Critical Cyber Security Questions To Ask Your IT Team
Suddenly the office is closed, and everyone’s working from home.
The IT team is coping, but you’ve got a nagging doubt about whether these hasty arrangements are secure. You ask the IT team a few questions about cyber security, but the answers seem to be in a different language!
Well, you should be concerned. Criminals are ramping up their activities, because systems are more vulnerable when people work from home.
But there’s no need for panic. Most cyber attacks are successful simply because basic steps haven’t been taken.
Here is a simple checklist to ask the person responsible for IT. The answers should all be YES!
Protect your data
- Do we know for sure that our backups are actually working?
- Does data stored on a home user’s hard drive get backed up?
- Does our central data storage have versioning?
- Have we got a Data Loss Prevention system running?
Protect your remote devices
- Do we have multi-factor authentication set up for our systems?
- Will our anti-virus, anti-malware and patching tools automatically update for home users?
- Has everyone who’s working from home signed a communications and internet usage policy?
- Have we given cyber security training to the team within the last six months?
- Are our GDPR policies appropriate for people working remotely and at home?
Protect your network
- Do we use a Virtual Private Network (VPN) to connect remote users to the company network?
- Is our email system encrypted, and has DKIM, DMARC and SPF been set up on the Domain?
- Do we have mobile device management systems controlling all mobile equipment on the network?
- Do we have an appropriate system usage and data management policy?
- Are business applications configured to provide least-access privileges?
Stop the bad guys
- Is our video conferencing protected against rogue attendees and are calls secure?
- Have we got proper checks in place to stop us losing money through fraud?
- Are our remote support tools secured against rogue access?
Freeman Clarke is the UK’s largest and most experienced team of part-time (we call it “fractional”) IT leaders. We work exclusively with ambitious organisations and we frequently help our clients use IT to beat their competition. Contact Us and we’ll be in touch for an informal conversation.