Security Report Card

Published 2022-03-07 on increasec.com (last modified 2024-07-04). Tag: security.

Score each item your organisation meets and add up the points; negative items subtract from the total.

Backups:
Automated backups that are tested +1
Offsite +1
Encrypted +1
Version controlled OR immutable +1
Our data in cloud services is also backed up +2

Hardware:
Support contract OR spare in stock +1
Redundant power supplies +1
Redundant/trunked uplinks +1
Config backed up automatically +1
Monitored by an alerting server +1
Config changes result in an alert +2

Remote Access:
RDP port forward -5
SSL VPN -2
Filtered by country or auto-updated blocklist +1
Includes a method to prevent password guessing +1
Requires 2FA for ALL users +2

Testing:
Own a product that tests onsite gear +1
We contract professionals to test us +2
Management understands the risks +5

Training:
Employees don't list their employer on social media +1
Documented employee on-boarding includes privacy expectations +1
We do yearly security training +1
Cross training / people backups +1
We have a competition and give out prizes +3

Email Filter:
SPF record set to strict +1
Outgoing email is DKIM signed +1
3rd-party filtering service +2
External email easily identified by banner or colour +1
Accounting checks before transferring any $ +2

Workstation Security:
Antivirus installed & centrally controlled +1
Includes User Behavioral Analysis (UBA) +1
Logs are collected centrally +1
Users are NOT local admin +2
Local admin password is complex & different per PC +1
Executable allow-list prevents unapproved programs from running +2

Laptops:
Secure boot + BIOS password +1
HDD encryption +1
Remote management and updates +1
Users are NOT local admin +2
Owned by employee -1

MFA:
Via SMS & SIM card has a PIN +1
Via app/hardware token +2
Enabled for ALL cloud services +3

Phones:
Supported hardware getting regular updates +1
Updates installed weekly +1
MDM installed +5
Owned by employees -1

Score:
0-10: You are a pushover for hack-bots and script-kiddies. You are likely already compromised.
11-20: You are a prime target for the next big vulnerability.
21-30: You are outrunning your peers but not the bear; your turn will come.
31-40: Congrats, you are above average. Keep up the good work.
41-50: You are likely a cyber-security provider. Confirm results with a security assessment and embarrass your competition.

Based on this: https://planetmagpie.com/docs/default-source/downloads/lead-magnets/it-security-report-card.pdf