Take action against the threat of cybercrime with this checklist.
A business’s network infrastructure is vulnerable to a wide range of risks, from both physical and cyber threats. Cyber actors exploit vulnerabilities to disrupt, destroy, or threaten the delivery of business services. In light of the risk and potential consequences of cyber events, strengthening the security and resilience of a business’s network infrastructure becomes paramount.
□ Patch operating systems, third-party software, and firmware as soon as updates/patches are released.
□ Install and update antivirus software on all endpoints, and enable real-time detection.
□ Perform backups of all data, with encryption enabled in transit and at rest and with password protection. Ensure these copies cannot be modified or deleted from any system where the original data resides.
□ Ensure that you have implemented and are using multifactor authentication (MFA) wherever possible.
□ Review domain controllers, servers, workstations, and Active Directory for new or unrecognized user accounts.
□ Use a strong password policy to make sure accounts on the server and the local computer can’t be compromised.
□ Enable logging to audit user accounts with administrative privileges, and configure access controls with least privilege in mind. Do not give all users administrative rights.
□ Disable unused ports, especially Remote Desktop Protocol (RDP) ports, and monitor remote access/RDP logs for any unusual activity.
□ Implement SPF, DMARC, and DKIM to stop email spoofing/phishing from your domain.
□ Consider adding an “EXTERNAL” email banner, typically a horizontal yellow banner, to emails received from outside your organization.
□ Disable hyperlinks in received email.
□ Implement network segmentation, so that not every machine on your network is accessible from every other device.
□ Train users to better identify and prevent cyberattacks, especially phishing attacks.