Cybersecurity Assessment

Do you use unique password for all enterprise assets combined with multi factor authentication across the enterprise systems and users?
Note: Multi-factor authentication refers to the steps / actions required by a user to authenticate on the network. Apart from a password they may be asked for a security token, generated code, SMS or biometric features (thumbprint)

YesNo

Do you label data for sensitivity and confidentiality classification?
Note: Classifying data with labels such as Public, Confidential, External or Internal, helps an organisation to understand their data and apply policies based on these classifications to meet compliance and security requirements.
YesNo

Do you make use of single-sign-on for centralised access control?
Note: Single-Sign-On (SSO) enables users to sign in once and be able to access all the services / applications that they are authorised to access.
YesNo

Do you check and block any browser or email plugins, extensions or add-ons?
YesNo

Do you periodically perform data recovery tests?
Note: It is best practice to periodically test your data backups to ensure that your data integrity is maintained, and it is recoverable.
YesNo

Do you have a security awareness program initiative in place?
Note: An awareness initiative or program serves to educate employees on security matters, their role as users and the company’s overall security culture.
YesNo

Do you perform regular patch management on enterprise assets?
Note: Operating systems, applications, and hardware, need to be regularly updated with the latest versions (operating systems, firmware etc) to patch known vulnerabilities that could be used by malicious actors to enter the network.
YesNo

Do you have a process to detect and respond to unauthorised assets?
Note: An unauthorised asset is a device that is connect to the network with the explicit permission of your IT team or meets the requirements of any security policies set by administrators.
YesNo