Security Checklist

SMB Cybersecurity Essentials

Align with a best-practice security framework to assess your organization.

Effective cybersecurity practices start with following industry standardized frameworks, such as NIST CSF or CIS. This ensures basic security hygiene is in place and allows for accurate industry benchmarking, ongoing improvements, and awareness of current security threats.
 
Use this checklist to better understand privacy concerns and the policies and procedures critical to maintaining a secure organization and a culture of cybersecurity. If your organization follows the security best practice, click the box. You can also download the checklist below:
 
New call-to-action

Privacy Program

icon-privacy-policy
Internal privacy policy
 security-visitor
Train employees on your privacy policy
 icon-privacy-data
Internal policy for data retention

Security Program

response-procedure
Compliance framework
 Third party audit
Third-party audit
 security-training
Security awareness training
 security-phishing
Phishing awareness training
 security-clean-desk
Clean desk policy
 icon-privacy-employee
Visitor program
 security-assets
Identify digital assets
 security-authentication
Multi-factor authentication (MFA)

Tools

tool-network
Use secure networks
 tool-wifi
Secure wireless networking
 tool-email
Secure email gateway (SEG)
 tool-system-audit
System auditing
 tool-backup-solution
Configure backup solution
 tool-backup
Test backup solution
 tool-dns
Domain name system (DNS) and content filtering
 tool-database
Endpoint detection and response (EDR)
 tool-security-incident
Security information and event management (SIEM)

System Hardening

system-programs
Clean up all unused programs on all systems
 system-directory
Use group and active directory
 system-security
Secure endpoint configurations
 system-secure
Implement perimeter security
 system-patch-management
Patch management plan
 system-cloud
Monitor and track behavior in cloud apps

Vulnerability and Risk Management

vulnerability-strategy
Define a vulnerability analysis and resolution strategy
 vulnerability-program
Vulnerability management program

Response

response-incident
Incident response policy
 response-procedure
Incident response procedures
 response-roles
Identify roles and responsibilities
 response-continuity
Business continuity and disaster recovery
 response-lessons
Incorporate lessons learned
 response-monitor
Trusted partners to manage and monitor
Get My Results

Your Business is At Risk!

Your needs and our expertise align well. IT downtime is an expensive risk of doing business. Without the ability to maintain or restore business operations, it could result in direct losses in productivity and revenue.

Note: This is not a comprehensive security assessment

Practices Need Improvement

There are opportunities for improvement and efficiency to meet the recommended minimum cybersecurity practices. For businesses looking to solve security weak points, keep up with industry best practices and mitigate risk, here are some options:

Note: This is not a comprehensive security assessment

Practices Meeting Expectations

68% of business leaders feel their cybersecurity risks are increasing. To stay current on threats or the latest news, subscribe to our Technology Insights blog. Leverage the power of industry-leading tools and Marco’s technical expertise to identify risk and improve your IT security – IdentifyIT.

Note: This is not a comprehensive security assessment

Let's Talk