Advanced Security Categories
Backups
Accounts
Patches
Firewalls
Antivirus
Surveillance
Education
M365
Encryption
Backups
Having a USB Flash drive is not a good backup. Ransomware will infect your files, and immediately infect any files for a device you plug in. Backups should be encrypted, and cloud-based to ensure you have a good rollback.
Accounts
ACTIVE USERS WITHOUT EXPIRING PASSWORDS Attackers exploit leaked passwords to gain network access. Stale passwords jeopardize the network to breaches and attacks and are completely preventable through an enforced password change policy.
Patches
Ensure all Windows and Security Patches are up to date. Hard Drives that are full will also cause potential errors in the near future, as well as the ability to download the most recent security patches.
Firewall
Ensure all unnecessary ports are closed down. Ports like 3389 are frequently open and do not need to be. This is a port used by many hackers to deploy Ransomware.
Antivirus
Basic or Free Antivirus will provide you with a minimal level of protection. Advanced Antivirus with EDR is needed to both protect from an outbreak, but also to trace where it came from, and what files were affected.
Surveillance
Alerting should always be configured for all Antivirus and Firewall applications to ensure that attempts, both successful and unsuccessful to ensure you know when attempts are made
Education
Ensure that Sensitive Data cannot be sent via cloud file sharing applications. Ensure any file sharing application used has proper security controls.
Educate all the users to know what to share, how to share, and the importance of security.
M365
Accounts used for daily work should never have Administrator access. Create an unlicensed Administrator account and login with a Private browsing session for any administrative functions.
Encryption
All hard drives and removable media should always be encrypted. This will protect you if the hardware gets in the wrong hands.
Penetration Test-Reasoning / Methodology
Do you know WHY users are your biggest cybersecurity threat?
Because studies show that 91% of ALL cyberattacks start with a phishing email. This puts the hacker right inside your organization.
Our team uses a proprietary (patent pending) process to go beyond phishing training and find out what a hacker can gain access to when someone in your organization is phished.
Internal Testing
Considering over 90% of cyberattacks begin with a phishing email and over 19.8% of employees click phishing email links, our team focuses on what the attacker will gain access to if a normal user were to click a link.
We target employees who are the most likely to be phished. These employees also happen to be the ones who have the most to lose: CEOs, CFOs, Directors, HR and sales team members.
Why are they more likely to be phished in the first place?
They are often communicating with people outside your organization AND they process many more emails than others.
External Testing
What about the other 9% of attacks, how do they get started?
Hackers build sophisticated automation that is constantly scanning the internet looking for vulnerabilities. They use these vulnerabilities to get into networks. Galactic Advisors uses some of the same tactics to outline the perimeter of your organization, look for exposed services, find vulnerabilities, and attempt to exploit them
The following report contains evidence of our findings, remediation steps, as well as descriptions of the risks associated with them. Hackers are constantly coming up with new attack chains and vulnerabilities. These new methods need to be evaluated and remediated often. Best practice includes regular ongoing security assessments to identify and respond to these new threats.
Training
Train employees to recognize Phishing Attempts
Stop employees from rolling out the red carpet for hackers
Sandra Network provides in depth Testing of all aspects of your network, and then works with you to remediate the findings.
Backups
- Ensuring your data is secure is part of any Advanced Security Plan, but do you know the difference in backups and restore times?
- Image based backup vs File Based backup?
- Is your Cloud based Office 365 or G-Suite backup covered?
- If you get hit with Ransomware, you will want to know the difference to ensure you are up and running as soon as possible.
IT Security Policy Checklist
Acceptable Use Policy
Incident Response Policy
Security Awareness Policy
Password Policy
Backup and Disaster Recovery Policy
3rd Party Access Policy
Data Confidentiality Policy
Business Continuity Plan
I don’t know if we have any of these
Mobile Device Policy
Remote Access Policy
User Termination Policy
Bring Your Own Device Policy
IT Asset Disposal Policy
Removeable Media Policy (USB Drives/Sticks)