Most clients I’ve been talking to are making security a priority for 2021. With everything that happened last year causing most organizations to move to remote work and the quick ingestion of systems and solutions to support that move caused security risks to increase drastically.
So, if you haven’t started thinking/talking about security and planning then you need too very soon. At the end of last year there was a big wake up call that can happen to anyone, even if you are doing everything “correctly”. Any vendor you are using could become compromised at any time. I have not seen a disaster recovery plan that would have planned for this contingency. So what should you do?
Our team has helped numerous clients recover from security breaches and based on our experience there are some key items everyone should be doing.
- Weekly Visual Security reviews of dashboards and manual review of key systems
- Backup of AD – Why? Because we have seen a couple instances were backups were corrupted and Domain Controllers had to be restored from scratch
- Excel list of all employees and phone numbers – Why? If e-mail is down and your core intranet how do you communicate. In one instance we had to use SMS messaging and direct calling to users. Without this list it would have taken even longer
- Excel list of vendors and contacts
- Documentation of passwords and service accounts
- Diagram of network
- Backup of Router and Wireless Network configurations – Why? These configurations if wiped have to be rebuilt
- Where? We have been recommending a SPO site that is only accessible to specific cloud only accounts that are only used on an as need basis.
If you have any questions or want to discuss this important topic more in depth, please contact Matt Holt at Mholt@mailctp.com