Last week, our security team reiterated some recommendations that we will confirm are implemented in your environment. Here are some protocols we are going to be confirming or enabling.
- Multi Factor Authentication is enabled and REQUIRED for all employees.
- Conditional Access – People and computers must meet certain conditions to log in to your environment.
- Patch Management – We are responsible for this, but we need your help. Please leave your computers on overnight see the notifications.
- Role-based access – We will be limiting employees’ access to only portions of the network that they need and only the level of access that is required.
- Password Manager – NOT web browser based. We offer a password manager and will be presenting it to you over the next couple of weeks. The managers we use and recommend will provide complex passwords that are controlled by the company, with access provided to the employees who need to use them. If an employee leaves the company or changes roles, access to company passwords can be revoked.
- No open RDP. We will be confirming that all RDP (remote desktop protocol) ports are closed and secure.
- Cyber Insurance. – we will be collecting your cyber insurance information to keep in your company profile. They will be our first call in the event there is an incident. The insurance companies have incident response teams, money and other resources set up to assist us and you in remediation.
Some of our clients have resisted implementing some of these protocols. I am sure you will agree that the inconvenience, time, and budget are negligible compared to the pain and expense of recovering from a security incident.
Amicus IT, LLC