The 10 most important cybersecurity safeguards that your organization should be implementing right now.

1. Know Your Assets

To build an effective cybersecurity plan, you will need to know exactly what devices are residing inside your company’s environment. Clearly record all the details of your company’s IT infrastructure within a spreadsheet or diagram that can easily capture this information. Consistently update this spreadsheet or diagram as your environment changes.

Create a spreadsheet that clearly captures all makes, models, and serial numbers of all company devices. Also include all firmware versions and patch levels, default configurations and permission levels, hostnames, IP and MAC addresses, and open ports.

2. Train Your Users

A trained and aware workforce is the most effective tool that you can use to defend against security incidents. Keep all users up to speed on your company’s IT and sensitive data security procedures. Provide continual opportunities for education on user best practices and threat mitigation.

Phishing scams are one of the most common and costly attacks your company could face. Implement a phishing simulation that tests users’ ability to safely identify and handle a phishing email. Provide training following the simulation.

3. Whitelist Software

Clearly define what software is allowed to run on company devices. Enforce a ‘deny-everything, allow-by-exception’ methodology for downloading and executing all software.

Once you’ve clearly documented your company’s permitted software, use a whitelisting tool such as Windows AppLocker to enforce only its use.

4. Patch Software & Operating Systems

Implement a routine patch management strategy that regularly resolves system vulnerabilities, rectifies bugs, and improves application usability.

Administer a policy that requires workstations to retrieve and automatically install software and operating system updates when available.

5. Restrict Admin Privileges

Prevent end users from having access to administrative accounts or privileges. Grant admin privileges only if required for a specific role (e.g. an IT administrator). Swiftly and accurately deprovision user accounts when needed.

Engage Windows’ User Account Control feature at its strictest setting to require administrative credentials for specific machine configuration changes.

6. Harden System Components

Reduce your system’s attack surface by identifying and eliminating potential attack vectors. Harden applications, operating systems, servers, databases, and networks. Tailor this strategy according to your organization’s risk management plan.

Use Microsoft Office’s “Protected View” when viewing external documents. This will prevent any macros or scripts from executing unless specifically permitted to do so. Only enable editing with trusted documents.

7. Segment Your Network

Split your company’s network into different sub-networks and protect using firewalls. Isolate important assets from one another to prevent lateral movement through your network.

On your company’s switch, divide your network into different isolated Virtual Local Area Networks (VLANs) for wired and wireless connections.

8. Backup Your Data & Test Resoration

Protect your company from data loss by backing up and encrypting your data regularly. Develop a recovery plan that describes procedures should an unexpected event occur. Continue to test recovery plan as your environment changes.

Once you have determined your organization’s Recovery Point Objective (RPO) and Recovery Time Objective (RTO), use Windows Backup to implement a schedule for routine data backups.

9. Enable Multi-Factor Authentication

Require your users to provide at least two different authentication factors when accessing company devices, accounts, networks, and other important assets.

In addition to providing a password, require users to also respond to a push notification or insert a USB security key when accessing company devices.

10. Collect & Analyze Event Logs

Establish a method for gathering, managing, and inspecting event logs. Store logs in a central repository with protective mechanisms in place.

If collecting and analyzing event logs is too daunting a task for your organization, partner with a Security Information and Event Management (SIEM) vendor.

Need help implementing the Totem Top 10 in your organization’s environment? We can help. Contact us here to learn more!

Download our Totem Top 10 Infographic!