Strategy

The new cybersecurity resilience

May 1, 2020
  • Can you remotely access the security solutions that you use daily to monitor for malicious behavior on the network and end-user devices such as PCs?
  • Can you remotely make configuration changes to your security solution set?
  • Can you remotely upgrade or patch your security solutions set?
  • Does a PC being located remotely change any of your containment or eradication processes?
  • Does the additional IP address added by VPN access affect your ability to map an IP address to a username?
  • If you are leveraging user behavior analysis does the fact that the user is now coming through VPN affect its ability to map the      IP address to the end-user? 
  • Can you remotely contain a server by isolating it from the network?
  • Can you remotely drop a network link to the offices in order to contain a potential malware outbreak (for example)? 
  • Can you remotely contain a PC and conduct a forensic investigation?
  • Can you remotely access your critical servers and databases to investigate potential malicious behavior? 
  • If everyone is working remotely what IP traffic should you be seeing on the corporate network? This is important if someone has taken advantage of no one being at the facility.
  • Are your facilities monitored with security cameras?  This is also important to ensure people are not accessing areas which are normally populated and restricted.
  • If you did have to send a team member into the building, have you walked through who that would be and the escalation and          approvals that would be required to make that happen.
prestitial ad