Know what you are defending: Many organizations don't have a clear picture of their digital assets or where they reside. It's crucial to conduct a "data audit" to review the inbound and outbound flow of data. Similarly, companies need to perform a "network audit" to understand what equipment is on the network and what devices are connecting to the Internet and/or phone lines. Once the business has a clear picture of where the sensitive data resides, and who has access to it, then that data can be better protected.
Have rules: A written information security policy or plan is essential for all businesses these days and in some industries, such as healthcare and financial services, may even be required by law.
Enforce the rules: The catch with any security policy is that you need to enforce it. That includes sanctioning people who violate the rules but also educating all employees about what the rules are. It is not unusual for a large company to insist that an approved vendor or contractor show evidence of a program of security awareness for its employees.
Start with stronger passwords: This sounds like a very low-tech tip, but it has a high reward. Educate employees on what constitutes a strong password. Make them use strong passwords on all systems, including smartphones and tablets. Frequently change the default password on routers and point-of-sale equipment.
Source: The security experts at ESET, whose solutions fulfill the antivirus and security software needs of enterprises.
The job of an enterprise's chief security officer (CSO) is a difficult one. Devising a strategy that ensures the company's network and data are secure can be a daunting challenge. With high profile breaches like Target and Adobe making headlines recently, enterprise security has finally been brought into the public spotlight. This newfound awareness has put the pressure on enterprises to assure their customers that they are taking every measure possible to boost their security.
This leaves executives asking, where do I start? With so many different considerations to take into account, there is no single solution that will meet all the security needs of a given organization.
Here are the 11 essentials for keeping your enterprise secure.