You've written your Security Plan. Now what?

Companies who try to protect everything protect nothing.

I'm a meat and potatoes kinda guy.  What's that mean?  Stick with the basics and do them well.  They've never done me wrong. There are reliable technologies and processes that I recommend for every company --build a strong foundation. Once done, identify holes that need fixing (based on risk) and fix them. 

What are you afraid of most? Ransomware? Remote Access Trojans? What's most likely to attack you successfully --and hurt you the most? Ransomware can become an extinction event. So can not complying with the new government regulations. 

Here's what I suggest: You need to comply with government regulations. You also need to be secure. You can have both without breaking the bank. 

Here's what that foundation looks like:

  • Every endpoint gets two technologies; a good managed antivirus and an anti-evasion application. EDR can be useful but can also be expensive. Good security doesn't have to be costly.

  • Every network gets a next-generation firewall.

  • Every account has two-factor authentication. Store any passwords in a good password manager.

  • I prefer DNS Filtering over web content filtering... personal preference, but one person's porn site is another's bathing suit store. DNS filtering is ones and zeros... the address is good or bad.

  • Travelers VPN home when on the road.

  • Pay someone else to do the 24x7 monitoring and management are required.

Compliance is that easy. What else keeps you up at night? 

Need more information?  Drop us a note for some consulting time. I'll walk you through a pain-free IT security program that'll both keep you safe and in compliance. 

Need help preparing? Call our guys at H2L Solutions