Free Resources: The Data Defender Information Security Program
Has your company been attacked yet? Our groundbreaking Data Defender program provides a simple set of defensive measures that can keep you
from becoming a victim. Show your management that you are being proactive, without disrupting your business or your budget.
The following components are included in the program:
The Five Easiest Information Security Steps - click on each for a description
The ISP is the foundation for your data security and includes the major responsibilities and your operating rules. We provide an ISP for you which we can tailor to suit your needs. You will want to assign responsibility for individual items and steps.
You really don't know how to secure your critical data until you identify where it is and how it's defended. This inventory is an important task that insures that no important data items are left unprotected.
This semi-annual or annual training may be conducted in-house or by a third party, but should generally follow the outline we provide you. We also offer the course itself, in online form.
"Defense in Depth" means multiple layers of protection for your data stores, especially the most critical information. You may need three or four layers, such as locked doors, employee badges, passwords, etc.
And one layer should usually involve human interaction or review.
There are many additional options for additional protection, including scans, assessments, software tools like Incident Detection Systems, Log Analyzers, and more. Some may be well worth the cost and effort.
Seven Best Security Practices - click on each for a description
Key data should reside on servers rather than desktop workstations. But wherever your data is, backups should be automated to insure that are always executed. This is a key protectuion against Ransomware attacks.
Identify the data that you just can't live without and imagine potential breaches which would be very costly. Consider low cow cost / high impact protection procedures.
Users don't need to learn about hacking technology, cyber exploits, and the latest software configurations and patches. You may have IT staff and security personnel who need those courses,
and there are many sources for this training too.
Use a "pen tester" or "white hat hacker" to periodically test your information defenses. On a budget, use a single tester rather than hiring an outside firm and the more costly
"red team" and "blue team" services.
Web servers typically face the internet, and are most exposed to attacks. Your internal devices and internal servers hold critical operating data and should be on a separate network
that is not reachable from the puiblic internet. Use "subnets" or separate locations to help make this happen.
Build a relationship with a consultant, based on trust and continuous improvement. Pen testing, SAT training, and overall assessments are key areas where an outsider can be valuable.
Improving your data protection posture and resiliance (your ability to recover from an attack or breach) is an ongoing responsibility, not a one-time project. Establish a culture of
good cybersecurity practices and keep it going.
Includes: Data Inventory Template, Security Questionnaire, Information Security Policy, Vulnerability Scan
Enroll here today for immediate processing: