You’re sitting on the beautiful Palm Beach in Aruba, the waves gently lapping onto the shore. The sun is shining and your skin is soaking up every last ray while you’re sipping on your White Whiskey Punch.
Suddenly there is a knock at the door and you are snapped back to reality. You find yourself sitting at your desk when Susan walks in. “I bet you’re ready for your vacation next week,” she says, grinning with jealousy. “I hear Aruba is absolutely stunning this time of year. Are you ready to hop on a plane tomorrow and forget about work for a few days?”
The truth is, you couldn’t be more ready. But you also know that the last 4 vacations you have taken were constantly interrupted by calls and emails detailing suspicious activity on the network. But not this year! Because you’ve already prepared with the top 5 cybersecurity readiness tips before you hit the beach.
Audit Firewall and VPN Settings
While you are out snorkeling and exploring the coral reefs and beautiful ocean wildlife, you don’t need to worry about what, or who, is knocking at your firewall door because before you left the office you performed a comprehensive audit of your firewall settings. This includes things like:
- Knowing who is authorized to make changes
- Reviewing redundancies
- Enabling geo-ip blocking if applicable
- Reviewing groups, policies, and services to determine ones that are no longer used
- Reviewing rules with permissive actions
- Matching rules with corporate security policies
- Review and lock down any open ports or protocols that are not required, like telnet, ftp, pop, imap, http, netbios, etc.
- MFA enable for admin access to Firewall/VPN
- MFA enabled for VPN accounts
Active Directory Account Audit
When you’re exploring naturally occurring cave pools and cliff jumping, you already have enough adrenaline pumping through your system. You can enjoy the welcomed rush because you know that before you boarded your plane, you did a comprehensive audit of your Active Directory accounts:
- Document who should have access to which systems
- Review your Group Policy Objects (GPOs)
- Review your permissions and make sure no one has more privilege than they need
- Review your lockout policy to ensure it is not too strict or too lax
- Password policy is strong and Fellow employees recently did very well with their Social Engineering training
- You and your team did a total Password audit and you helped those with easy passwords to remediate.
As you sit on the beach and someone approaches, you don’t have to worry that they are bringing you a phone with a call from work. Instead, you can enjoy the quick conversation as they ask if you would like another Mai Tai because you enabled Multifactor Authentication for everyone before you left.
MFA is one of the easiest ways to mitigate some malicious activity because while someone may be able to crack the password, it is nearly impossible to also crack the one-time password used by the MFA solution.
Offsite and Offline Backups
During dinner conversation over incredible food with newly-found friends, the topic of work comes up. You keep it light and move along because you know that your backups are secured offline and offsite so that they have little-to-no chance at being compromised. There is also a process in place to take frequent immutable backups so if anything goes down, there is a safe and secure way to restore data.
Document and Practice Response Plan
You know that good sleep you get when the temperature is just right and there is a slight breeze coming through your open balcony door as the sound of gently crashing waves lulls you into a restful night? If not, then you get to learn about this glorious state of sleep because your team is well-rehearsed on your Incident Response Plan.
You’ve documented the steps to take and practiced the motions with your team until they could do them in their sleep - but not this sleep, because you know that if anything happens, your team knows exactly what to do.
So lay your head down on that pillow and breathe easy knowing that this vacation is going to be different. After everything that’s gone on in the last year, and because you’ve prepared with the top 5 cybersecurity readiness tips, you’ve earned it!