Strengthen your organization’s cybersecurity

  • Develop an incident response plan

    A plan will enable you to react quickly in the event of an incident, restore essential data and systems, and minimize service interruptions and data loss. It should include strategies for backing up your data.

  • Use strong authentication

    Establish user authentication policies that meet both usability and security needs. Make sure devices authenticate users before giving them access to systems. Whenever possible, use two-factor authentication or multi-factor authentication.

  • Activate security software

    Enable firewalls and install anti-virus and anti-malware on your devices that block malicious attacks and protect against malware. Be sure to download the software in question from a reputable vendor. Install a Domain Name System (DNS) filter on your mobile devices to block malicious websites and filter out dangerous content.

  • Apply patches to applications and operating systems

    As soon as a problem or vulnerability is detected in software, the manufacturer releases a patch that fixes bugs, patches known vulnerabilities, and improves usability and performance. If possible, enable automatic patching and updates for all software and hardware to prevent threat actors from exploiting weaknesses or vulnerabilities.

  • Back up and encrypt data

    Copy your essential information and applications to at least one other secure location, such as the cloud or an external hard drive. In the event of a computer security incident or natural disaster, these copies will help you continue your business and prevent data loss. Your data can be backed up online or offline in three ways: full backup, differential backup and incremental backup. Test your backups.

  • Train employees

    Adapt your training programs to your cybersecurity protocols, policies and procedures. A well-trained workforce can reduce the risk of a computer security incident.

  • Securing cloud services

    Familiarize yourself with a supplier before engaging their services. Make sure they have taken steps to meet your security requirements and needs. Find out where the provider’s data centers are located. Privacy Acts and data protection requirements vary from country to country.

  • Securing Mobile Devices

    Adopt a mobile device deployment model. Will your company provide work devices to employees or allow employees to use their personal devices for work?

  • Establish a basic perimeter defense

    Protect your networks from cyber threats. For example, install a firewall to protect your networks from intrusions by monitoring incoming and outgoing traffic and filtering out malicious sources. Use a virtual private network (VPN) when employees work remotely to secure the connection and protect sensitive information.

  • Secure removable media

    Portable media, such as USB drives, are a convenient and inexpensive way to store and transfer data, but it is possible to lose them or have them stolen. Keep a record of all your assets. Use encrypted portable media, if possible, and clean them regularly.

  • Securing websites

    Protect your website and the sensitive information it collects. Encrypt sensitive data, ensure certificates are up-to-date, use strong passwords or passphrases in the background, and use HTTPS.

  • Implement access controls

    Apply the principle of least privilege to prevent unauthorized access and data compromise. Ensure employees have access to only the information they need to perform their jobs. Each user must have their own credentials, and administrators must have two separate accounts.

  • Configure Devices

    Review the default settings and make any necessary changes. At the very least, we recommend changing default passwords (especially administrative passwords) and disabling geolocation and unnecessary features.