Hosted Services Security Guide for All IT Firms to Use (our gift to you during Covid19 hardship)

I. CLOUD SERVICES AND USER ACCOUNT SECURITY

  1. Implement Password Manager (LastPass)
    • What it entails: LastPass account setup on user computer(s) and device(s), transferring/copying all passwords to the application vault, and user training.
    • Estimated time to complete: Depends on number of users + training
    • Problem/Security Risks: Password reuse and the use of simple passwords are a major security risk. Saving passwords in documents or web browsers is not safe.
  2. Office 365 account audit + shore-up security
    • What it entails: Audit/clean up Office 365 user accounts and make changes as necessary. Set up MFA for all ASF Office 365 accounts. Set up DKIM, SPF and DMARC email security.
    • Estimated time to complete: Depends on number of user accounts to be set up
    • Problem/Security Risks: Currently, Multi-Factor Authentication (MFA) is not set up, and if email accounts are hijacked, a malicious third party can gain access to other services/accounts, request password resets and further compromise the organization.
  3. Dropbox account audit + shore-up security
    • What it entails: Audit/clean up Dropbox user accounts and access controls/permissions and make changes as necessary.
    • Estimated time to complete: Depends on number of user accounts/directories that need to be audited
    • Problem/Security Risks: External users (no longer working at/for ASF) may still have access to Dropbox files or folders.

II. ORGANIZATION IT SECURITY POLICIES AND PROCEDURES

  1. Develop IT security policies
    • Expected Benefit: Cybersecurity Standards and Policy Framework
    • What it entails: Developing a set of strategies for managing the processes, tools and policies necessary to prevent threats to digital and non-digital information.
  2. Develop Cybersecurity Incident Response Plan
    • Expected Benefit: Cybersecurity Standards and Policy Framework
    • What it entails: Developing a set of strategies for managing the processes, tools and policies necessary to detect, document and counter security threats.
  3. Develop Disaster Recovery Plan
    • Expected Benefit: Business continuity
    • What it entails: Developing a documented process or set of procedures to execute an organization’s disaster recovery processes and to recover and protect a business’s IT infrastructure in the event of a disaster.

Please let me know if you have any questions. Steve@ipsofacto.net

The post Hosted Services Security Guide for All IT Firms to Use (our gift to you during Covid19 hardship) appeared first on IPSOFACTO, IT Services.

Published by IPSOFACTO