Spring has sprung. The snow has melted and baseball season is underway. It’s time to clear out the cobwebs, both literally and figuratively. And if Martha Stewart has any say about it, it’s time for a household’s typical spring cleaning involves clearing out closets, de-cluttering cabinets, and getting everything clean and shiny. But that’s not all that might need attention. The National Cyber Security Alliance (NCSA) and Better Business Bureau (BBB) say now is the perfect time for a “digital spring cleaning.”
In fact, they have offered up a laundry list of tips that are great reminders for all. We’ve included a couple, plus a few of our own.
Keep clean machines.
Keeping all web-connected devices -- including PCs, mobile phones, smartphones, and tablets -- free from malware and infections makes the Internet safer for you and more secure for everyone. So keep all critical software current and definitely delete unused apps (including the operating system on your mobile device).
Be mindful of your online accounts.
Turn on two-step authentication -- also known as two-step verification or multi-factor authentication -- on accounts where available and focus on strengthening your passwords.
Examine your current environment.
Any plan – whether it’s a sales &marketing or IT security plan, needs periodic evaluations. So, we recommend looking at the protocols themselves to see if they adequately address your company’s current status. Has your company grown since establishing protocols? Added employees? Expanded into new markets? Once you’ve answered those questions, you can determine if they need updating.
Evaluate your team’s security knowledge.
Are your employees appropriately trained? Do they know how to recognize potential security risks? New employees may need formal education in company expectations, and longer-term workers may need a refresher – especially if you’ve found your protocols need updating, too.
Take a good look at your response plan.
First off, let’s make sure you have one! If your data breach response plan hasn’t been reviewed in six months or longer, consider updating and making considerations for any new challenges.
We also recommend reviewing the SANS Top 20 Security Controls, as well as researching and/or revising your key management and log retention policies. It will help you prioritize and focus on a smaller number of actionable controls with high-payoff, aiming for a "must do first" philosophy.
And finally, consider taking our 3-minute “What’s My Security Posture” test. It’s the quickest and most accurate way of finding out just how security ready you are. You’ll find out where (and more importantly, how) to do a spring cleaning that would make even Martha Stewart proud.