Level 1: Free \/ easy \/ 1 hour fixes
-Block China, Russia, Ukraine on your firewall and email
-Turn on email banner for external emails
-make sure PCs are running a version of Windows that gets updates; update to Win10 can still be updated for free
-Verify Windows Defender is on and updated automatically
-Verify Windows patches itself automatically. Set Active hours to not be annoyed by reboots
-Invest some time in fishing and cyber-security training. Lots of free info on YouTube.com
-make sure your router\/firewall and Wifi have long passwords that are NOT the default from the factory
-Change your router\/firewall DNS to 9.9.9.9 + 208.67.222.123
-while you’re in the router make sure uPNP (Universal Plug and Play) is OFF
-type your email address into haveibeenpwnd.com; if it says breached, change your password
-install a password manager; BitWarden is free, use it to generate long, complex passwords
-create some HoneyDocs and sprinkle them around your shared files
-standardize on a non-email company wide communication method; Microsoft Teams, Slack, NextCloud etc.
-make sure you have backups and test them
-ensure users are using a secure browser and not IE
-sign up for PayPal; don’t use credit cards online unless its thru PayPal<\/p>\n\n\n\n
Level 2: Cheap \/ 1 day fixes
-enable GeoFiltering for your email logon
-turn on 2FA for email and anything money related (email is used to reset passwords)
-turn off NetBios, LanMan, WPAD and LLMNR on PCs. Easier if you have an AD Domain
-replace SSL based VPN with IPSec VPN \/ RdWeb \/ NextCloud
-disable macros in Office. Easier if you have an AD Domain
-disable PowerShell on workstations. Easier if you have an AD Domain
-setup an SPF record with your ISP\/DNS provider
-setup OFFLINE backups; think external harddrives + some IoT power plugs
-make a guest wifi network and put all cell phones and IoT devices on it<\/p>\n\n\n\n
Level 3: Projects that take planning but provide higher levels of security
-Offsite laptops; install a remote management security tool. N-Central, SentinelOne etc
-Randomize Local administrator account passwords; Microsoft LAPS is free but takes time to implement
-collect and analyze log files
-setup DMARC & DKIM with your ISP\/DNS provider
<\/p>\n","protected":false},"excerpt":{"rendered":"
Level 1: Free \/ easy \/ 1 hour fixes-Block China, Russia, Ukraine on your firewall and email-Turn on email banner for external emails-make sure PCs are running a version of…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[4,3],"class_list":["post-1574","post","type-post","status-publish","format-standard","hentry","category-uncategorised","tag-security","tag-smb"],"_links":{"self":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/1574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1574"}],"version-history":[{"count":16,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/1574\/revisions"}],"predecessor-version":[{"id":2698,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/1574\/revisions\/2698"}],"wp:attachment":[{"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}