Yes / No / N/A
If Yes, please attach document.
Recommendation: CNS recommends keeping a comprehensive list of all company vendors with their contact information, point of contact, access, and SLA information. This is helpful because you will not need to hunt around for the proper contact information, saving valuable time during an incident. Additionally, this list can be referenced as vendors are dismissed to make sure any and all access they have can be removed.
Have they been updated within the last 2 years? Yes / No / N/A
Please provide them
Recommendation: Security policies are the guidelines that indicate management's intentions for securing their physical and information assets. They also provide guidance on acceptable use of these assets and the ramifications should they not be followed. CNS can provide IT security documents to your company should you request them.
Have they been updated within the last 1 year? Yes / No / N/A
Recommendation: Asset documentation helps a company assign a value to its core assets. Should a core asset become unavailable due to an incident, that can cause productivity and monetary impact to the company. CNS recommends the creation of a written asset management document detailing the function of each asset as well as the impact to the company should the asset become unavailable.
Have they been tested within the last 2 years? Yes / No / N/A
If Yes, please provide evidence of the test.
Recommendation: Business Continuity Plans are pre-drafted, pre-determined protocols for how your organization will overcome a business disruption caused by an emergency. Containing a serialized checklist of risk-mitigating actions to take, business continuity planning addresses both natural and human disasters that can strike, ultimately bringing operations to a halt. CNS can help by providing a generic BCP that your company can use and adapt to fit your organization.
Please provide them.
Please provide the latest server and workstation backup report you have.
Recommendation: A backup policy helps an organization manage its expectations and provides specific guidance on the "who, what, when, and how" of the data backup and restore process. The policy should go over who is responsible for managing backups and confirming they complete successfully, as well as dictate who can access the backups and how long the data should be retained. CNS can assist in providing a standard backup policy that can be adjusted to best fit your needs.
Is the data stored locally on your network or in a cloud service? Local / Cloud
Do you utilize encryption both for data at rest and for data in transit? Yes / No / N/A
Please detail what cloud service you use to store PHI/PII.
Recommendation: CNS recommends the implementation of encryption both at rest and in transit for any company that sends, receives, or stores PHI and PII. Encryption is a requirement as dictated in the Health Insurance Portability and Accountability Act (HIPAA) of 1996 for storing, sending, and receiving PHI and PII.
What type of training do you provide? Instructor Led Training / Reading Materials / Phishing Training/Simulations
What is the frequency of the training?
Recommendation: It is essential to your business to ensure your employees are trained on the constantly changing security threats and how to avoid these threats. CNS provides both online training courses as well as Phishing simulations to help employees learn what to watch for and how to avoid phishing scams.
Recommendation: Leveraging Threat Intelligence is important as you can gain vital information about your business sector that would enable you to detect and defend against known attacks. CNS does monitor ISAC and other threat intelligence providers for the latest information on new and ongoing threats.
After user termination, do you disable accounts? Yes / No / N/A
How long after termination do you disable accounts?
Recommendation: It is best practice to have a listing of all user accounts so you can make sure no account is left with access after employees leave. CNS maintains user lists through several different vectors, including Active Directory, Azure Active Directory, and N-Central. It is important to notify us when a user's status changes so we can make the appropriate modifications to the user's access.
Recommendation: Admin access allows users to install, delete, or modify applications and programs that may not be consistent with your business model. CNS recommends removing or limiting admin access for all users who do not need the additional permissions to perform their job duties.
Only at new hire / Annually
Recommendation: Background checks should be performed on an annual basis as many items that may impact your business through an employee’s behavior may not be visible to you. CNS recommends you update your background check policy, notify your employees, and perform background checks on an annual basis.
What MDM solution do you utilize?
Recommendation: CNS recommends that if employees have access to company data on mobile devices, the mobile device be protected by an MDM solution. CNS utilizes Microsoft Intune to manage devices and we can assist you in deploying this solution.
Recommendation: CNS recommends only giving users those privileges which are essential to perform their intended job function. By restricting users' access to only what they need, an organization's security will be greatly increased. Should an attack occur, privilege escalation becomes much more difficult for the attacker.
Please select if any: Line of Business Applications / Workstations / Cloud Solutions (Office 365, Google Docs)
Recommendation: Multi-factor authentication should be enabled on all critical systems for any users who have access. Accounts secured with MFA can remain unbreached even if the account username and password have been compromised.
Have you performed a PCI DSS compliance audit of your site? Yes / No / N/A
Recommendation: If you perform any e-commerce on your network, CNS recommends the site be secured by an SSL certificate and the site be consistently audited for PCI DSS compliance. PCI DSS is the information security standard for organizations that handle branded credit cards and their information.
What email provider does your organization use? Please select: Locally hosted Microsoft Exchange / Microsoft Office 365 / Hosted POP/IMAP Email / Other
What anti-spam solution do you utilize?
Recommendation: Anti-spam solutions are important both to reduce the amount of unnecessary and unwanted email and to block malicious email from reaching your users' inboxes.
What solution do you use?
Recommendation: Advanced email security suites offer many advanced solutions to protect email systems beyond traditional anti-spam / anti-malware solutions. Solutions such as Impersonation Protection and Sandboxing for links and attachments greatly increase the security of email systems.
Recommendation: CNS recommends that any time private or sensitive information needs to be emailed, it should be sent via an encrypted email. An encrypted email protects the contents of the email from being viewed by unauthorized 3rd parties.
What DLP solution do you use?
Recommendation: DLP prevents the accidental (or intentional) disclosure of private/sensitive data. By configuring DLP thresholds, an organization can choose what happens when an outgoing email, OneDrive link, or SharePoint link attempts to send sensitive content to a 3rd party. The content can be blocked, encrypted, or otherwise locked down. CNS recommends implementing a DLP solution if your organization works with any type of sensitive information (PHI, PII, credit card info, corporate IP, etc.).
Have you changed the default username and password for your firewall? Yes / No / N/A
Does your firewall have an active security subscription? Yes / No / N/A
Recommendation: Firewalls are used to block unauthorized incoming traffic to your network. CNS recommends that firewalls be set with a DENY ALL rule for incoming traffic. With very few exceptions, nothing from outside should be allowed into the network without first originating from within the corporate network. Additionally, we recommend configuring logging on the firewall so that access and changes can be audited.
Recommendation: If your organization requires internet access for work, CNS recommends having a redundant ISP connection to your router. A redundant connection will prevent an office from going offline should an ISP have an outage. We understand that failures will happen and a redundant ISP connection is a good step towards minimizing the impact from the failure of a single component.
Recommendation: Data segregation helps to prevent unauthorized people or devices from accessing sensitive information. Network segmentation helps to prevent attackers from having full access to your network should one segment be compromised. Additionally, it makes implementing the Principle of Least Privilege easier, because some users will have access to some network segments while others will not.
What type of authentication do you use? Please select: WEP / WPA2 / RADIUS / Other
Recommendation: Wireless access can be very beneficial for organizations that have a distributed user base within their headquarters or remote offices. That being said, it is important that wireless networks be configured securely so as not to introduce additional attack vectors into your network. Internal and guest networks, rogue AP scanning, and wireless encryption should all be set up to ensure your wireless network remains secure.
What Intrusion Detection Solution do you use?
Recommendation: Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are critical in preventing and documenting attacks as they happen against your network. IDS systems are valuable tools for IT professionals who need to diagnose the who, what, when, and where of attacks after they have happened.
Recommendation: Anomalous event monitoring is a type of advanced network security provided by a SIEM solution. A SIEM reviews all network logs in real time to notify IT staff of incidents as they are happening. Modern networks have hundreds of different devices that connect to and manage the network. Being able to review all of their logs in real time can drastically improve time to action for IT security professionals.
Do you perform internal and external scans? Yes / No / N/A
How often are the scans performed?
Please provide the latest vulnerability scan report.
Recommendation: Due to the large number of devices that modern networks have, it can be difficult to stay on top of the latest threats to each of them. This is why vulnerability scanning is so important. A vulnerability scanner will be able to inform IT professionals of all known vulnerabilities in the equipment on your network. Knowing there is an issue is the first step in resolving the issue. We recommend recurring vulnerability scans, both internal and external, on your network to identify any newly disclosed vulnerabilities.
Who has access to the RMM tool?
Does your RMM tool retain any of the following logs? Patching Logs / AV/AM Logs / Access Logs
Recommendation: RMM tools can be very valuable for IT professionals to efficiently manage endpoints on a network, but they also need to be configured correctly to ensure they are not adding vulnerabilities to your network.
What tool do you use to approve and schedule Microsoft updates? Please select: RMM / SCCM / WSUS / Other
Recommendation: Reviewing Windows updates before they are installed is an important step in the patching process. Filtering out updates that do not apply or have known issues associated with them will help to ensure your business systems remain in good working order. CNS recommends reviewing all updates before they are installed to ensure no unforeseen issues will arise. It is also important to deploy updates to a pilot group before deploying to all production machines. A pilot group will help to identify any issues that may arise from updates and provide time to remediate the issue or deny the update.
What tool do you use to approve and schedule 3rd party updates? Please select: RMM / SCCM / WSUS / Other
Recommendation: Similar to Windows updates themselves, 3rd party applications also frequently release updates (Adobe Reader, Java, Slack, Notepad++, etc.). To keep your systems secure it is important to update these programs in a timely manner. CNS can help with this by taking over management of your 3rd party application updates and automating them.
Recommendation: Support agreements are very important to maintain, especially for all Line of Business (LoB) applications. Often, when issues arise with LoB applications, the application vendor is the only entity with the knowledge and ability to investigate the cause of the issue and implement remediation steps. Not maintaining vendor support agreements can end up costing more money in the long run.
How long before your computer screen is set to lock when not in use? Please select one: Less than 15 minutes / Greater than 15 minutes
Recommendation: As business data can be accessed from terminals on the network, it is important to never leave those terminals accessible to wandering eyes. Having your workstation’s screen set to auto-lock after a short period of time will help to protect any information on the PC and network. Having a locked screen helps to ensure that your data is secure even when you are away from your desk.
Recommendation: Attackers can use USB drives to infect PCs with malware when the drives are plugged in. You should determine whether to accept this risk by allowing USB storage devices to be used, or to mitigate this risk by blocking the use of USB storage devices. CNS recommends looking at your business processes and needs to see whether the use of USB storage devices is necessary.
Recommendation: User credentials (usernames/passwords) are the primary line of defense against unauthorized access to organization resources, applications, and data. By sharing account credentials, the organization is opened to additional risk, as the organization cannot confirm who has performed an action. CNS recommends that all users have unique usernames and passwords for all systems. User accounts should never be shared between employees or with external parties, as it increases the risk faced by the organization.
How are user credentials shared?
Recommendation: Maintaining an accurate inventory of workstations, printers, and other networking devices helps to keep network security high. Knowing what devices are on your network and where they are located makes it easier to handle device retirement and replacement. Removing old/legacy devices should be done on a recurring basis.
Recommendation: Surge protectors should be connected to all network-connected devices. Surge protectors help to protect organization data from power surges. Devices that do not have a surge protector may lose power and potentially corrupt data. CNS recommends that all devices be connected to power through a surge protector.
How often does this solution update?
Recommendation: Endpoint Anti-Virus/Anti-Malware is an excellent tool for helping to prevent intrusions into your network. These applications scan your local machines for malicious software, phishing attempts, ransomware, and other intrusion attempts. CNS recommends that all workstations and servers on the network have up to date AV/AM software and that you maintain an active vendor support agreement with the supplier of the AV/AM software.
What software do you utilize? BitLocker / Symantec FDE / Sophos / Other
Recommendation: Endpoint encryption helps to protect the data on a device by making the contents of the hard drive unreadable. Should a device be lost or stolen, endpoint encryption will prevent the malicious entity from being able to read the data on the PC. CNS recommends that all organization workstations be encrypted with an up-to-date encryption software, such as Microsoft’s BitLocker Encryption.
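A read-only workstation audit, added here as an example and not CNS's own tooling, that checks the settings behind the screen-lock, USB-storage, admin-access and BitLocker recommendations above. It assumes a Windows 10/11 workstation with the BitLocker PowerShell module, an elevated session, and the questionnaire's 15-minute lock threshold; the "at most two local admins" limit is an assumed baseline, not something the page states.

```powershell
# Added example: audit a workstation against the recommendations above.
# Run from an elevated PowerShell session; nothing here changes settings.
$MaxLockSeconds  = 15 * 60   # threshold used by the questionnaire
$MaxLocalAdmins  = 2         # assumed baseline: built-in Administrator + one IT account
$findings = New-Object System.Collections.Generic.List[object]

function Add-Finding([string]$Control, [bool]$Pass, [string]$Detail) {
    $findings.Add([pscustomobject]@{ Control = $Control; Pass = $Pass; Detail = $Detail })
}

# 1. Screen lock: a policy-set value (GPO/Intune) overrides the per-user value.
$policyKey = 'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop'
$userKey   = 'HKCU:\Control Panel\Desktop'
$src = if (Test-Path $policyKey) { $policyKey } else { $userKey }
$p = Get-ItemProperty -Path $src -ErrorAction SilentlyContinue
$timeout = [int]$p.ScreenSaveTimeOut
$active  = $p.ScreenSaveActive    -eq '1'
$secure  = $p.ScreenSaverIsSecure -eq '1'   # "On resume, display logon screen"
Add-Finding 'Screen locks within 15 minutes' `
    ($active -and $secure -and $timeout -gt 0 -and $timeout -le $MaxLockSeconds) `
    "active=$active secure=$secure timeout=${timeout}s (source: $src)"

# 2. USB mass storage: Start=4 disables the USBSTOR driver, so USB drives cannot mount.
$usbStart = (Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR' -Name Start).Start
Add-Finding 'USB storage blocked' ($usbStart -eq 4) "USBSTOR Start=$usbStart (4 = disabled)"

# 3. Local admin membership: list who holds admin rights so unneeded members can be removed.
$admins = @(Get-LocalGroupMember -Group 'Administrators' | ForEach-Object Name)
Add-Finding 'Local admin membership within baseline' ($admins.Count -le $MaxLocalAdmins) `
    ("{0} member(s): {1}" -f $admins.Count, ($admins -join ', '))

# 4. BitLocker on the OS volume: protection must be On and the volume fully encrypted.
$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive
Add-Finding 'OS drive encrypted with BitLocker' `
    ($vol.ProtectionStatus -eq 'On' -and $vol.VolumeStatus -eq 'FullyEncrypted') `
    "ProtectionStatus=$($vol.ProtectionStatus) VolumeStatus=$($vol.VolumeStatus) Method=$($vol.EncryptionMethod)"

$findings | Format-Table -AutoSize
# Failing rows are the items to remediate before answering "Yes" on the form.
```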
Currently using: VMware / Hyper-V / VirtualBox / Other
Recommendation: Virtualization of servers can help to reduce costs incurred by the organization when equipment must be replaced. By using a small number of virtual server hosts, the organization reduces the likelihood of a piece of hardware failing and resulting in data loss. Additionally, virtualization allows for scaling of "virtual" hardware for your servers.
Recommendation: CNS recommends that all Windows workstations and servers be updated to versions supported by Microsoft. Unsupported operating system versions do not receive Critical or Security updates. The absence of such updates can lead to vulnerabilities that are unable to be fixed.
Recommendation: CNS recommends locking not only your office when it is vacant, but any other areas inside your office where sensitive information is stored. This includes the server room, offices, and file cabinets.
Recommendation: Maintaining a log of who comes and goes from the organization's premises is an important step in maintaining site security. The sign-in log can be used after an incident occurs to find out who was on site, and it can also be used to prevent access by individuals who do not have the correct level of access. CNS recommends having all employees and visitors sign in and sign out when they access the premises.
Recommendation: Dumpster diving is a real threat when documents are not properly disposed of. Any documents that contain sensitive data (IP, PII, PHI, credit card data, etc.) need to be fully destroyed before disposal. Disposal can be done via an approved cross-cut shredder or through a 3rd party disposal service. Often, disposal services will provide a certificate of destruction as well.
How do you dispose of hard copy documents? Please select one: Thrown Away / Shredded / Other
Recommendation: CNS recommends that all companies carry Cyber Security Insurance. For more information please download: WHY EVERY ORGANIZATION NEEDS CYBERBREACH INSURANCE