Engaging a computer security professional to complete a network security assessment can be the start to developing a cyber-security plan that will help you reduce and eliminate the threats and vulnerabilities that could impact your business.
The important areas to consider are:
- Prevention – the best defense is to keep the bad guys off your network in the first place. Typical defenses include a hardware firewall, UTM (Unified Threat Management), or Intrusion Detection device, couple with a solid Internet Security software product installed on all your computers.
- Resolution – your company should have a procedure in place that outlines what to do in the event of a breach or active attack. The would include a call list, and instructions on how to preserve affected systems for forensic analysis.
- Restitution – your company needs to have a procedure in place that defines what kinds of notice and remedies will be offered to employees or clients that may be impacted by a security breach that releases personally identifying information, or banking or credit card information. You should also be thinking about what happens if you company suffers a loss of proprietary information or financial resources.
There are some great resources at FCC.gov but because of the “Government Shutdown” the web site has been pulled down for now. If the FCC site ever comes back here’s the link for their Small Biz Cyber Planner. Other helpful links can be found at StaySafeOnline.orgShare