1. Do you limit access to critical and sensitive data within your company only to employees that work with it?
2. Do you train employees on data security policies and procedures, such as the need for complex passwords?
I don’t know
3. Have you determined which members of staff should be trusted to possess administrator privileges?
4. Have you informed employees about the dangers of using unsecured wireless networks in public places such as airports and cafes?
5. Do you routinely destroy unneeded information, such as shredding old paper files, physically destroying old hard drives, wiping portable devices, and removing and destroying any memory or SIM cards in smartphones and other devices you dispose of or sell?
6. Have you ensured that third-party partners and vendors have proper security procedures in place?
7. Do you restrict web surfing on company computers and smart-phones or distributed a list of off-limits high-risk websites orwebsite categories?
8. Do you know the law on data security and on notifying customers about any breach?
9. Do you have a Data Breach Notification Policy, which is a document you provide to all your customers, telling them how your business will notify them should a data breach occur?
10. Have you created an internal incident response plan for dealing with breaches and post-breach notification?
11. Do you have a policy to ensure complex passwords are used across the network to protect your systems?
12. Have you upgraded all the computers in your business to the latest operating system?
13. Do you have procedures in place and are being followed to install security updates?
14. Have you installed firewalls, anti-virus, and anti-spyware programs and install updates routinely?
15. Does your email provider scan your email system for possible viruses and phishing scams?
16. Have you encrypted critical hard drives, data storage devices, folders and files?
17. Have you minimized the devices that have administrative access to your company’s servers?
Please enter your email to see the results.