A good cybersecurity program will have many different policies and procedures. However, you don’t need everything at once. If you have no policies or procedures, we can help you establish a core set on which to base your cybersecurity program. Then we can grow your program over time until you have a full complement of policies. Since a policy is only as good as the people who follow it, let us help you gain the buy-in required to have not only good policies but effective ones too.
Incidents are things that happen. Not every incident is a breach of your network which leads to ransomware and the end of your business. Some incidents, once investigated, are just small anomalies which are easily corrected. However, each incident has the possibility to lead to the discovery of a full breach. Let us help you establish and/or review your company’s incident response policy. You will be glad you did because it is not IFyou will need this policy, but WHEN you will need this policy.
In how many places do you have each employee’s name listed? Does Human Resources maintain a database? How about Accounting, for expense reimbursement? Is there a separate database for access control ID Cards? How about Active Directory for Windows Accounts? Are there other non-Windows servers? How are those account identities maintained? The bottom line is that there should be an easier way to manage this data, and until there is, audits are critical to make sure that old accounts are disabled and Accounting does not have the ability to reimburse an employee who resigned two years ago.
The smaller the company, the higher the probability that a given person is wearing multiple hats. Whether you are a lawyer, a teacher, or a manufacturer, your job is not cybersecurity, it is to be a lawyer, a teacher, or a manufacturer. However, every company has the added responsibility to protect the data entrusted to it by its clients and employees. Allow us to be your Chief Information Security Officer (CISO) on an as-needed basis. We can assess your cyber infrastructure and advise you on the cybersecurity impact of new computer purchases, cloud versus on-prem decisions, networking firewalls, routers, and switches, and all things cybersecurity. Contact us for a free initial consultation to see what suits your needs.