In 2020, the average data breach cost a company $3.86 million, according to IBM. That’s not a small sum of money for you. And something tells you the board wouldn’t see it as a minor inconvenience either. As the leader of this organization, you must prevent these kinds of events. The costs are too great. That’s where information security, comes in.
It secures business, employee, and client information (data) in every form it takes, from every angle whether that data is sitting on a server or on the move. We take a holistic approach to assessing your information security, evaluating and securing the hardware that stores this information:
- Network equipment
- Storage devices
- Mobile devices
- Cloud storage solutions
But you may be wondering…
Do You Already Have Enough Cybersecurity?
Find out now. Answer just 10 questions about how your IT is set up, and we can tell you your current level of data security.
How’d you do? If you score 9 or 10, then you probably don’t need us. You’ve got a robust information security setup. But chances are the quiz got you thinking about some areas where you could beef up data security. Keep reading to find lots of helpful tips for computer security.
Tips on Security
1. Identify Data in Motion
We begin by creating “data in motion” maps describing how data flows into, within, and out of the organization. Where does data go, and how does it get there? Are there any opportunities for a nefarious entity to intercept it? And what can we do to make sure that doesn’t happen?
To answer these questions, we take a closer look at the systems transmitting the data. Are they configured properly and adhering to IT industry standards (i.e., ISO 270010)
Now we can see the security gaps and create a plan to close those gaps. We’ve just secured your data in motion.
Let’s look at an example of everyone’s favorite way to transfer data—email. It’s so ubiquitous in modern business; you might forget just how much you entrust to your email service when you hit send.
But all it takes is a single email. One rogue employee could export thousands of files or innocently click on a dangerous link. Now, criminals access and encrypt the whole database. With the right setup, a criminal could intercept that email, take what they want, then send it on its way, so you don’t even know you’ve had a breach.
Anytime data moves, you have interception, corruption, or transfer failure risks. But what about information security while that data is sitting still? We have some tips on security there as well.
2. Identify Data in Rest
Let’s look at where your company is housing data. Most organizations today have data everywhere:
- Computers (hazardous for both data loss and breach and in direct opposition to our tips for computer security)
- Storage networks
- Cloud systems
- External drives
- File cabinets (not something we manage, but should certainly be part of the conversation)
This looks like a shortlist, doesn’t it? But consider how many computers we’re talking about. How many servers. In some cases, different cloud services for each department. It adds up!
So first, we need to identify all the places you’re storing data. Can we consolidate data into fewer, more strategic locations? That way, we can more effectively provide robust information security.
Laptops with sensitive customer data saved on the hard drive? Not very secure.
An industry compliant cloud-based service with appropriate backup and storage redundancy to prevent breach or loss? Much better.
3. Develop Standard Operating Procedures
Now, we’ve streamlined your information and created a data map so we know where everything is. Your employees can find what they’re looking for easily so that increases productivity too.
We need to make sure it stays that way.
Clearly defined Standard Operating Procedures (SOP) make sure that happens. They outline how you store, secure, backup, and delete data.
We use some really amazing IT tools that enable us to identify, secure, and remove data from data storage systems. These further streamline and automate information management.
Next, we turn our attention to applications.
4. Protect Software Assets
You’ll have multiple steps to follow, and the good news is we do all this for you.
- Review access management policies. Who should have access to what and at what level?
- Create an application inventory that outlines your business IT infrastructure
- Assess onboarding, offboarding, and audit permissions within each application. Make sure all enabled accounts should be. We pay special attention to privileged accounts and review those with key stakeholders to ensure their validity.
- Identify any application accessible through single-sign-on services within your organization. Any of those that cannot use SSO should be set up MFA (explained below).
- Discover feature overlap and redundancy of applications. Do you have unplanned redundancy? That’s somewhere you could save money.
5. Set Up MFA
MFA is multi-factor authentication. You’re probably used to something similar when you log into your online banking by now. Companies can no longer afford to assume that the person who has the password or logs in from an identifiable device is supposed to access the account. We use one-time codes or secure ID tokens to provide your company with the same layered information security the big banks use.
Phishing is the number one way data breaches occur today. In a recent security blog, Microsoft states that MFA can prevent over 99.9% of account compromise accounts. If you do not have MFA enabled within your organization, we can set you up fast.
6. Protect Hardware Assets
- Identify the current and latest versions of firmware installed on network devices and servers and plan to install the latest versions across the environment
- Ensure patches and antivirus are current across all infrastructure
- Create a security checklist for mobile devices, including laptops, to ensure they are secured appropriately.
These are just a few of the ways we protect your hardware. You can certainly take these tips for computer security and run with them. But why not leave it to Information Security experts? We have experienced professionals and industry know-how to protect your data and secure your company’s future.
7. Customize These Tips on Security to Protect Your Data
There’s no one size fits most solution when it comes to data security. You can apply the above tips for computer security. But we can help you explore more comprehensive and customizable solutions to optimize information security to maximize productivity. What’s the point of security if your employees can’t work efficiently within it?
We provide you with a complete gap analysis and plan to secure your systems according to your budget. Then we can deploy security measures like:
- Developing a zero-trust security model
- Implementing intrusion detection and intrusion prevention capabilities across networks
- Purchasing add-on services or products to strengthen email security
- Implementing data loss prevention solutions for data in motion
- Building a single sign-on platform that manages logins for applications across the enterprise
Helped us with our entire IT Infrastructure and now we outsource all IT to TenisiTech
“TenisiTech has been a valuable partner in helping us find the right technology solutions to meet the challenges of a healthcare environment that is constantly evolving. I continue to be impressed with their ability to understand our needs, their commitment to our success, and their knowledge that helps us prepare for the future.
Our confidence in their services has led to expanding our engagement with TenisiTech. As their value to The Elizabeth Hospice became evident, what started as a service contract to direct our IT department and provide project management support, grew to include systems administration and network support. The Elizabeth Hospice now is entirely outsourced to TenisiTech.
The security of knowing that TenisiTech is managing our technology has given us the time and freedom needed to focus on elevating the level of care we provide to patients, clients and the community and managing our assets more efficiently. We know with certainty that we have a reliable resource in TenisiTech, a resource that helps keep The Elizabeth Hospice at the forefront of a highly competitive industry.”
If someone were to compare the IT support across the 21 regional centers, we would come out number 1!
“The pandemic is another fantastic example of why I’m happy that we have TenisiTech, I don’t know what working from home would have looked like with our old structure. It may have gone OK, but I don’t think it would have gone nearly as well as it did. TenisiTech is innovative, forward thinking, and constantly looking for a quicker and more efficient way of doing things with the assistance of technology. I just want to brag. If someone were to compare the IT support across the 21 regional centers, we would come out number 1!”
Our internal team seems happy with both the coaching and new technology being utilized.
“I wanted to take a moment and share how impressed I have been with the TenisiTech team. We have pondered a few times what this transition to a telehealth model would look like if we hadn't made a shift in our IT structure when we did. Our internal team seems happy with both the coaching and new technology being utilized. I am hearing from staff that they feel responded to and their problems are being efficiently addressed. My own experience has been fantastic. I am truly grateful to be in partnership with you and your team.”
I already know we made the correct decision with moving to your company.
“I want to sing TenisiTech’s praises. They have such an amazingly responsive and capable team. We have already seen such improvement in the management style of this team. I already know we made the correct decision with moving to your company.”
The conversations I had with our CEO were that TenisiTech was worth every penny.
"You won over our staff because not only do you have the technical skills, but you have the human interactions skills. . . . TenisiTech brought a well-rounded approach to our IT Management that was really indispensable in solving our problem and taking our IT operation to the next level. We do not have a complex IT environment but what we had you made a lot better, a lot safer . . . without worry. You came, you looked, you audited, you did your assessment, and you said, “this is what you should be doing, this is the order of things.” That’s very comforting. The conversations I had with our CEO were that TenisiTech was 'worth every penny.'”
…the team has been proactive and able to resolve issues quickly. Excited to keep moving forward and gain hours back to my work week!
Wanted to let you all know how grateful we are for the quick turnaround time in getting things up and running.
“Just wanted to reach out and thank you all for the incredible win on Saturday getting our agent back online. I've highlighted it to the Executive Team as an area that we have immediately improved upon and wanted to let you all know how grateful we are for the quick turnaround time in getting things up and running. We had discussed that this was like a "worst case scenario" for us at this point in the transition and the way that it was handled gives me incredible confidence in our partnership.”
I’d be thrilled to accomplish so much in a normal year let alone a pandemic year!
TenisiTech took it on, did a fantastic job, and were very patient with us.
“I would not want to go back to where we were 2 years ago. Now that I’ve had the benefit of what a real IT support can do, I am amazed that we got by as long as we did without TenisiTech. HIPAA policy was a big project that had been sitting on the back burner because we weren’t sure how to tackle it. TenisiTech took it on, did a fantastic job, and were very patient with us.”
It is not often throughout my career, that I’ve been fortunate enough to work with a team as knowledgeable, approachable and accountable as TenisiTech
Having a group like TenisiTech who has that deep IT background embedded in its organization and can tap into it as needed has really been very helpful for us.
“The best thing VMRC has gotten from TenisiTech is the depth of knowledge in IT that we did not have before. Having a group like TenisiTech who has that deep IT background embedded in its organization and can tap into it as needed has really been very helpful for us.”
My company sees me as a hero because of TenisiTech.
“The beauty of TenisiTech is with your help we are now worry-free with peace of mind. We know the important stuff is going to get done well and timely, and we don't have to second guess that there is some scary gap out there in IT operations that will come back to bite us. I know a lot of nonprofits hit a wall when they had to transition from working on site to working from home. We didn't even notice we were working from home. It just magically happened. My company sees me as a hero because of TenisiTech.”
Learn how out price model delivers value.