
Data Backup, Firewalls, Incident Response and Business Continuity

Last month we discussed “Email Security and Employee Cybersecurity Awareness Training.”

This month we discuss Data Backup, Firewalls, Incident Response and Business Continuity measures for improving your Cyber-Risk profile the BEST you can as FAST as you can. The topics in this series:

· Email Security and Employee Cybersecurity Awareness Training

· Data Backup, Firewalls, Incident Response and Business Continuity

· Multi-factor Authentication (MFA) and Access Management

· Internal/External Vulnerability scans and Continuous Improvement

· Document “Best Practices” Policies to support your security strengths

· Maintaining Your Network’s Software and Hardware Security

Digital Transformation is introducing more and more technology to support public entities’ and K-12 Districts’ efforts to provide critical services to their communities. With this comes more and more potential “openings” for Cyber Criminals to attack.

Many Cybersecurity experts state “it is not a question of IF, but rather WHEN an organization will be attacked”. Given this, it is important to prioritize taking the proper precautions to minimize the impact of a potential attack.

Smart data storage and backup, firewall, incident response, and business continuity Policies and planning are 4 of the most important considerations for minimizing the potential for a disruption of services.

Data Backup

A proper Backup Policy positions you to respond quickly to restore availability of data and critical applications, and reduces the likelihood that equipment failure, accidental deletion or, at worst, a ransomware attack will adversely affect the continuation of community services.

Data Backup Best Practices Policy:

· Document the location of critical data and ensure it is included in scheduled backups

· Automate your Backup processes and use status alerts for successful or unsuccessful backup.

· Always Backup to a separate encrypted network location

· Use separate login credentials and preferably MFA to access your Backup

· Test restoring your Backup on a regular basis
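
The checklist above can be turned into an automated daily check. The following is an added example, not part of the original article: the data paths, job records, restore-test log and both age thresholds are constructed assumptions.

```python
from datetime import datetime, timedelta

MAX_BACKUP_AGE = timedelta(days=1)         # assumption: nightly schedule
MAX_RESTORE_TEST_AGE = timedelta(days=90)  # assumption: quarterly restore test

# Constructed sample data: critical-data inventory, job history, restore-test log.
CRITICAL_DATA = ["/srv/sis", "/srv/finance", "/srv/hr", "/srv/transport"]
JOBS = [
    {"path": "/srv/sis", "status": "success", "finished": datetime(2024, 5, 1, 2, 0)},
    {"path": "/srv/finance", "status": "success", "finished": datetime(2024, 4, 28, 2, 0)},
    {"path": "/srv/finance", "status": "failed", "finished": datetime(2024, 5, 1, 2, 5)},
    {"path": "/srv/transport", "status": "success", "finished": datetime(2024, 5, 1, 2, 10)},
]
RESTORE_TESTS = {"/srv/sis": datetime(2024, 4, 1), "/srv/finance": datetime(2024, 4, 1)}

def check_backups(critical, jobs, restore_tests, now):
    """Return (path, finding) pairs that should raise an alert."""
    findings = []
    for path in critical:
        runs = sorted((j for j in jobs if j["path"] == path),
                      key=lambda j: j["finished"])
        if not runs:
            # Critical data that no scheduled job covers.
            findings.append((path, "not-in-backup-schedule"))
            continue
        if runs[-1]["status"] != "success":
            findings.append((path, "last-run-failed"))
        good = [j["finished"] for j in runs if j["status"] == "success"]
        if not good or now - good[-1] > MAX_BACKUP_AGE:
            findings.append((path, "no-recent-good-backup"))
        tested = restore_tests.get(path)
        if tested is None or now - tested > MAX_RESTORE_TEST_AGE:
            findings.append((path, "restore-test-overdue"))
    return findings

if __name__ == "__main__":
    for path, finding in check_backups(CRITICAL_DATA, JOBS, RESTORE_TESTS,
                                       datetime(2024, 5, 1, 8, 0)):
        print(f"ALERT {path}: {finding}")
```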

Firewall Policies:

Firewalls act as a gatekeeper to prevent intrusion and remote access by unauthorized personnel, keep your network from being targeted by viruses and malware, and serve as a defensive channel to control network traffic based on security parameters.

Firewall Best Practices Policies:

· Configure your Internet Firewall to prevent unauthorized external access and allow Remote Users access only via VPN, not RDP

· Apply new Firewall patches on a timely basis

· Restrict Users from specific external websites to prevent access to potentially harmful content

· Only allow traffic on the network ports necessary to meet business requirements.

· Internal firewalls should be deployed to limit access between internal network segments

· Endpoint firewalls should be active and configured to prevent Users from disabling them.
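
A rule export can be audited against the perimeter items in this list (no RDP from outside, only necessary ports, default deny). This is an added example, not from the original article: the rule schema, sample rules, approved-port set and internal address range are all constructed assumptions, and rule ordering is not evaluated.

```python
from ipaddress import ip_network

RDP_PORT = 3389
APPROVED_INBOUND = {443, 1194}         # assumption: HTTPS and the VPN listener
INTERNAL = [ip_network("10.0.0.0/8")]  # assumption: LAN and VPN address pool (IPv4 only)

# Constructed sample rule export; this schema is hypothetical, not a vendor format.
SAMPLE_RULES = [
    {"id": 1, "action": "allow", "src": "0.0.0.0/0", "dst_port": "443"},
    {"id": 2, "action": "allow", "src": "0.0.0.0/0", "dst_port": "3389"},
    {"id": 3, "action": "allow", "src": "10.8.0.0/24", "dst_port": "3389"},
    {"id": 4, "action": "allow", "src": "0.0.0.0/0", "dst_port": "8000-8100"},
    {"id": 5, "action": "allow", "src": "0.0.0.0/0", "dst_port": "any"},
    {"id": 6, "action": "deny", "src": "0.0.0.0/0", "dst_port": "any"},
]

def port_range(spec):
    """Turn '443', '8000-8100' or 'any' into a range of port numbers."""
    if spec == "any":
        return range(1, 65536)
    low, _, high = spec.partition("-")
    return range(int(low), int(high or low) + 1)

def is_external(src):
    """A source is external unless it sits wholly inside an internal range."""
    net = ip_network(src)
    return not any(net.subnet_of(inside) for inside in INTERNAL)

def audit(rules):
    """Return (rule_id, finding) pairs for inbound rules that break the policy."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow" or not is_external(rule["src"]):
            continue
        ports = port_range(rule["dst_port"])
        if RDP_PORT in ports:  # RDP must only be reachable through the VPN
            findings.append((rule["id"], "rdp-exposed"))
        if any(p not in APPROVED_INBOUND for p in ports):
            findings.append((rule["id"], "unapproved-port"))
    last = rules[-1] if rules else None
    if not last or (last["action"], last["src"], last["dst_port"]) != ("deny", "0.0.0.0/0", "any"):
        findings.append((None, "no-default-deny"))
    return findings

if __name__ == "__main__":
    for rule_id, finding in audit(SAMPLE_RULES):
        print(f"rule {rule_id}: {finding}")
```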

Incident Response and Business Continuity Policies

Incident Response and Business Continuity Policies and Plans are important to develop and test before they are needed. Incident Response and Business Continuity provide guidance for both Users and staff during an incident to ensure proper and timely steps are taken to resolve the incident.

Incident Response Best Practices Policies

· Train Users to recognize abnormal behavior and provide clear guidance on how to report the incident

· Train the staff receiving the incident report on how to engage the Incident Response Team (IRT).

· IRT members should be trained to manage documentation, Evidence Preservation and External Insurance and Agency notification according to the plan.

Business Continuity Best Practices Policies:

A Business Continuity Policy identifies potential disruptions and disasters, defines mitigation strategies and procedures to ensure continued delivery of services and other critical functions when the original system or facility becomes unavailable. The IT portion of the Business Continuity Plan should include the following:

· Risk Analysis identifying potential risks and mitigation strategies

· Business Impact Analysis to identify the organization’s functions and the effect of critical functions

· Communications Plan to contact workforce members, customers, and vendors

· Alternate site plan if the organization’s physical facilities are not available

· Ability to redirect incoming phone calls, e-mail, and access to the organization’s on-line resources

· Ability to continue critical services to customers and technology functions

· Recovery strategies based on the Risk Assessment and Business Continuity Plan

Planning and documenting the Best Practices Policies will go a long way toward protecting you from, and minimizing the potential cost of, a disruption of service.

Next month we will discuss the importance of Multi-factor Authentication (MFA) and Access Management providing an additional layer of protection at the end-user level.

ResoluteGuard uses industry best internal and external scanning tools to identify your Cyber-risk strengths and weaknesses and populate easy-to-use, easy-to-understand smart workflow reports that align the governance, administration, and technical activities to the common objective: avoiding a disruption of critical services.

Author

ResoluteGuard