There are three critical security controls that all small businesses should implement if they are just starting to address security. These are:
- Keep your systems up to date by applying all security updates
- Make sure you have daily backups of all critical data and be sure to test the ability to restore from the backups
- Users should not be local administrators on their computers, if that is not achievable, require the use of multi-factor-authentication for all systems and applications
For small companies that have already addressed the above controls take a look at Australia’s Essential Eight Maturity Model.
Paul Hill has worked with SystemExperts as a principal project consultant for more than twelve years assisting on a wide range of challenging projects across a variety of industries including higher education, legal, and financial services. He joined SystemExperts full time in March 2012 and coordinates the SMARTday practice.