Build a Security-Aware Organization
- A written information security plan. This plan should identify the organization’s security policies, goals and priorities. It should also include policies for network security and use of company email, social media, and the Internet. Many state regulators request written information security plans when investigating organizations that have experienced a security breach.
- An inventory of the business’s core assets and sensitive data. Identify where this information is stored and who within the organization has the authority to access it.
- Access control. Limit access to computers, company networks and confidential data to only those who require it.
- Employee training programs. Employee training on basic security practices and policies is essential.
Establish Security Safeguards
- Password protection and authentication controls. Passwords are the primary means for controlling access to sensitive data resources. Change passwords regularly and consider multi-factor authentication.
- Be suspicious of unexpected emails. Phishing emails are designed to gain information or install malware on a device. Businesses should educate employees on the dangers of opening unexpected emails.
- VPN (virtual private network) for remote access. For organizations with remote users, VPN provides a secure channel through the Internet to the organization’s private network.
- Vendor security. Businesses need assurance that any vendors with which they share company information makes security a priority.
Prepare for the Worst
- Identification of an incident response team
- Clear delineating of possible incidents and how to identify and contain them
- Procedures for eradicating the root cause of the attack, restoring data and software, and monitoring systems for any remaining signs of weakness.
Source: The Hartford, “Prioritizing Cyber Security for Business Owners” https://www.thehartford.com website. Accessed December 28, 2020. https://www.thehartford.com/resources/business-cyber-security-prioritization-tips
© Copyright 2020. All rights reserved. This content is strictly for informational purposes and although experts have prepared it, the reader should not substitute this information for professional insurance advice. If you have any questions, please consult your insurance professional before acting on any information presented. Read more.