Security Checklist

    SMB Cybersecurity Essentials

    Effective cybersecurity practices start with following industry standardized frameworks, such as NIST CSF or CIS. This ensures basic security hygiene is in place and allows for accurate industry benchmarking, ongoing improvements, and awareness of current security threats. Use this checklist to better understand privacy concerns and the policies and procedures critical to maintaining a secure organization and a culture of cybersecurity. 

    Download Checklist

    Interactive Tool

    If your organization follows the security best practice, click the box. Once you have reviewed all the options and selected the policies you practice, then click Get My Results.

    Privacy Program

    Internal privacy policy
    Internal privacy policy
     Train employees on your privacy policy
    Train employees on your privacy policy
     Internal policy for data retention
    Internal policy for data retention

    Security Program

    Compliance framework
    Compliance framework
     Third-party audit
    Third-party audit
     Security awareness training
    Security awareness training
     Phishing awareness training
    Phishing awareness training
     Clean desk policy
    Clean desk policy
     Visitor program
    Visitor program
     Identify digital assets
    Identify digital assets
     Multi-factor authentication (MFA)
    Multi-factor authentication (MFA)

    Tools

    Use secure networks
    Use secure networks
     Secure wireless networking
    Secure wireless networking
     Secure email gateway (SEG)
    Secure email gateway (SEG)
     System auditing
    System auditing
     Configure backup solution
    Configure backup solution
     Test backup solution
    Test backup solution
     Domain name system (DNS) and content filtering
    Domain name system (DNS) and content filtering
     Endpoint detection and response (EDR)
    Endpoint detection and response (EDR)
     Security information and event management (SIEM)
    Security information and event management (SIEM)

    System Hardening

    Clean up all unused programs on all systems
    Clean up all unused programs on all systems
     Use group and active directory
    Use group and active directory
     Secure endpoint configurations
    Secure endpoint configurations
     Implement perimeter security
    Implement perimeter security
     Patch management plan
    Patch management plan
     Monitor and track behavior in cloud apps
    Monitor and track behavior in cloud apps

    Vulnerability and Risk Management

    Define a vulnerability analysis and resolution strategy
    Define a vulnerability analysis and resolution strategy
     Vulnerability management program
    Vulnerability management program

    Response

    Incident response policy
    Incident response policy
     Incident response procedures
    Incident response procedures
     Identify roles and responsibilities
    Identify roles and responsibilities
     Business continuity and disaster recovery
    Business continuity and disaster recovery
     Incorporate lessons learned
    Incorporate lessons learned
     Trusted partners to manage and monitor
    Trusted partners to manage and monitor
    Get My Results

    You Need Help!

    Your needs and our expertise align well. IT downtime is an expensive risk of doing business. Without the ability to maintain or restore business operations, it could result in direct losses in productivity and revenue.

    You're Doing Okay

    You’re doing pretty well, but it looks like there could be some opportunities for improvement and efficiency. Outsourcing for IT services is a sound business practice to yield a higher ROI on IT spend. You may not need immediate help, but here are some things to consider ongoing...

    You're Doing Very Well

    To keep the good momentum going, you should subscribe to our blog to learn more. You might also be interested in the Marco Business Review to obtain more insight on how you could be successful ongoing.

    Let's Talk