The 10 most important cybersecurity safeguards that your organization should implement to lower its cybersecurity risk.

To build an effective cybersecurity plan, you will need to know exactly what devices are residing inside your company’s environment. Clearly record all the details of your company’s IT infrastructure within a spreadsheet or diagram that can easily capture this information. Consistently update this spreadsheet or diagram as your environment changes.

Create a spreadsheet that clearly captures all makes, models, and serial numbers of all company devices. Also include all firmware versions and patch levels, default configurations and permission levels, hostnames, IP and MAC addresses, and open ports.

A trained and aware workforce is the most effective tool that you can use to defend against security incidents. Keep all users up to speed on your company’s IT and sensitive data security procedures. Provide continual opportunities for education on user best practices and threat mitigation.

Phishing scams are one of the most common and costly attacks your company could face. Implement a phishing simulation that tests users’ ability to safely identify and handle a phishing email. Provide training following the simulation.

Clearly define what software is allowed to run on company devices. Enforce a ‘deny-everything, allow-by-exception’ methodology for downloading and executing all software.

Once you’ve clearly documented your company’s permitted software, use a whitelisting tool such as Windows AppLocker to enforce only its use.

Implement a routine patch management strategy that regularly resolves system vulnerabilities, rectifies bugs, and improves application usability.

Administer a policy that requires workstations to retrieve and automatically install software and operating system updates when available.

Prevent end users from having access to administrative accounts or privileges. Grant admin privileges only if required for a specific role (e.g. an IT administrator). Swiftly and accurately deprovision user accounts when needed.

Engage Windows’ User Account Control feature at its strictest setting to require administrative credentials for specific machine configuration changes.

Reduce your system’s attack surface by identifying and eliminating potential attack vectors. Harden applications, operating systems, servers, databases, and networks. Tailor this strategy according to your organization’s risk management plan.

Use Microsoft Office’s “Protected View” when viewing external documents. This will prevent any macros or scripts from executing unless specifically permitted to do so. Only enable editing with trusted documents.

Split your company’s network into different sub-networks and protect using firewalls. Isolate important assets from one another to prevent lateral movement through your network.

On your company’s switch, divide your network into different isolated Virtual Local Area Networks (VLANs) for wired and wireless connections.

Protect your company from data loss by backing up and encrypting your data regularly. Develop a recovery plan that describes procedures should an unexpected event occur. Continue to test recovery plan as your environment changes.

Once you have determined your organization’s Recovery Point Objective (RPO) and Recovery Time Objective (RTO), use Windows Backup to implement a schedule for routine data backups.

Require your users to provide at least two different authentication factors when accessing company devices, accounts, networks, and other important assets.

In addition to providing a password, require users to also respond to a push notification or insert a USB security key when accessing company devices.

Establish a method for gathering, managing, and inspecting event logs. Store logs in a central repository with protective mechanisms in place.

Consider partnering with a Security Information and Event Management (SIEM) vendor, who will collect and analyze your organization’s event logs for you.

Need help implementing the Totem Top 10? We can help.

Contact us to learn more!

Download our Totem Top 10 Infographic!