Introduction
Fun fact – an IT security assessment of your business systems is something that will not only help reduce the risk to your IT systems being breached, but you might not be insured if you have not been assessed recently.
Cybersecurity Insurance is a bit of a no brainer in many businesses now, as the risk is just too great. Not only the financial risks, but the whole reputation of the business is at stake.
What you might not know is that most insurers now require that an assessment of systems take place on a regular basis and that disaster recovery processes and procedures are maintained.
The question is do you have any of these implemented in your business?
Let’s look at this a bit more closely…
The IT Security Assessment
Ideally, a fresh pair of eyes should be performing the assessment – someone that does not know your IT systems.
The assessment itself will look at many aspects of your technology stack.
1. Patching
Most commonly, there will be a lookup of current IT inventory and how recently devices have been patched with the latest operating system updates.
2. Antivirus
The next check usually entails confirming that there is some form of antivirus protection on devices and again that the signatures are up to date.
3. Firewalls
Firewalls are next. Do you have one, and if so, what is it and what is being protected? More importantly, what’s not being protected and what ports may be open on the firewall?
4. User Access
What type of access control system is in place on your network and computer systems, who maintains this and how is it managed?
These are some of the most common IT security checks any assessor will perform. They may also look closely at your backup and disaster recovery procedure and processes.
First off, has your disaster recovery process been tested in the last 12 months? This is a common question insurance companies will ask.
If so, how long does it take to recover business-critical systems? That’s the second question they’ll ask.
3rd and probably most important is whether or not a test recovery of your backups has been performed in the last month?
The backup check is probably the most important check out of all the information we’ve outlined in this article. Ransomware has a tendency to encrypt all data on the network and the only method of restoring systems is usually by using the most recent backup.
If you would like a fresh set of eyes to check over the security of your business and IT systems please do not hesitate to contact us to arrange an assessment.
Get in touch with us
Secutor Cybersecurity is a trusted partner comprised of industry leading experts in the fields of Cybersecurity and Governance, Risk and Compliance. We partner with our clients to deliver on-demand solutions tailored to expertly navigate the regulatory demands of their specific industries.
Our proven track record of successfully exceeding client expectations is achieved through the combination of our methodical approach, advanced technologies, subject matter experts, and synergy with client team members.
Secutor is your team of world-class problem solvers with vast expertise and experience delivering complete solutions keeping your organization protected, audit-ready, and running smoothly.