Here are the top 5 observations we encounter while doing our vulnerability assessments.
- Change the default password on your router (and while we are at it, upgrade to a real firewall and make sure the default password is changed). While the equipment you get from Comcast or Verizon might be fine to start, eventually you are going to want VPN and remote office, better logging, and the ability to restrict ports or IPs in ways more advanced than the Comcast/Verizon equipment can provide.
- Patch the operating system AND third-party vendor software (e.g. Java and Adobe).
- Check if the office Wi-Fi is using WPA or greater, and that the guest Wi-Fi (if you offer one) is not attached to the production network.
- Remove administrator rights from the end users. This will be a pain in the beginning, but will be a lifesaver later on. Trust me.
- Invest in end user security awareness training. Your network is only as good as the weakest link, and that is your employees. Train and test them on how to be cyber safe at work. This can include phishing training and videos that highlight how to spot malicious emails. The money spent up front will avoid costly mistakes (and maybe a phone call from your state AG’s office) in the end.
Have more questions? Contact our IT security experts today!