Free Executive Cyber Security Assessment



General Information


Enter Company Name

Email Address *

How important is IT Security to the business bottom line?(Business Profit) *

Security Breaches can cause service outages, damaged reputation and fines.

What solutions do you use for collaboration and document sharing? *

Use these solutions to boost productivity while keeping information protected.

What Data Loss Prevention tools do you use? (prevents users from leaking sensitive information) *

Data loss prevention "DLP" detects potential data breaches and helps to prevent them by monitoring data access.(BeCloud's SecureIT service)

How secure is your user access?

 t

Are Computer Passwords at least eight characters, changed regularly and a password history kept? *

Password management is important to the entire security of the business. Users should not use simple easy to guess passwords.

What type of user identity repository do you currently use? *

Computer logins should be stored in a central repository for easy administration and logging.

Do you use User Groups and/or Role-based Access Control? *

Role based authentication can simplify file access security. For example all front desk profiles could have similar access.

Do you use Multi-Factor Authentication *

Multi-factor improves password security by adding a pin or other token to the authentication process.

Is user identity synchronized between branch office and/or the cloud? *

Remote site, and cloud logins should be audited and synced across all on-premise and cloud assets.

Is your Data Security up to date?

 

Do you have a documented backup strategy? *

As part of the BeCloud secureIT service the backup strategy is documented during periodic security audits.

Do you have a documented DR strategy? *

DR stands for Disaster Recovery. (Backups, Redundancy, High Avaliability)

Do you have a clear understanding of your compliance status with relevant regulations such as HIPAA, Privacy Shield, PCI-DSS, GDPR, etc? *

If unknown select No.

Do you have patch management, antivirus and malware protection tools monitored and managed? *

It is not enough to have purchased AntiVirus, is it being monitored and maintained?

Do you have Device Controls in place?

 

What tools do you use for Device Management?

BeCloud's Managed Service is an example service that utilizes robot scripting and other tools to monitor devices.

Do you enforce compliance policies and/or conditional access? *

For Example, Part of the HIPAA regulation requires complex passwords. Is this enforced and listed in the employee handbook?

Are your devices encrypted? (TrueCrypt, BitLocker, etc.) *

The HIPAA regulation for examples requires patient data to be encrypted.

Are your mobile devices remote wipe capable? *

POP, and IMAP free email systems generally to not allow for remote wipe of phones if the device is stolen.

Is your Infrastructure Secure?

 

Are your remote access endpoints secured by VPN and/or HTTPS? *

Remote computers and phones must have secured access into the corporate network either on-premise or in the cloud.

Do you have scheduled server/infrastructure security audits? *

Most security experts agree that comprehensive security audits should take place at least once a year.

Is server physical access secured and monitored? *

Servers logs are monitored under the BeCloud ManagedIT service for example.

Is your private WiFi network secured from public access? *

Guest WIFI should be separate from business wireless networks. The access codes should be different.

Have you upgraded to a next generation firewall? *

Next Generation firewalls provide robust protection against new threats. Comcast and AT&T default router configurations are not secure.

Are your computer users trained regularly on security? *

BeCloud trains users through free newsletters, webinars and blog postings.

Is your software up to date and supported? *

Windows 7, Windows Server 2008, and SQL Server 2008 have reached end of life.