7 cyber security questions to ask your IT supplier

29/06/2018 in

Security

Download your Cyber Essentials Questionnaire

Free Download  

According to the National Cyber Security Centre, UK businesses are having to deal with more cyber attacks than ever before. Indeed, the threat of theft of your data, money and identity has never been higher, and cybercriminals are only getting smarter.

However, the good news is that a well-managed system ensures your business avoids the majority of cyber attacks. This means you are free to grow your business, having reduced the risk of suffering a catastrophic breach.

To help with this, here are seven questions you should ask your IT supplier to keep your business safe

Number 1: Are my backups running successfully?

Your backups must be your number one priority. If you suffer a breach or your data becomes corrupted, you must be able to recover. Your IT supplier should be able to easily tell you everything about your backups - when they run, the data included, where they hold the copies and when they last ran successfully. Any reputable supplier will have that information at their fingertips because they should be checking it every day.

Number 2: Is my anti-virus software working properly?

Anti-virus and anti-malware software are vital components to keeping your business safe. Your IT supplier should ensure they are running on all devices, including those belonging to employees. They must also ensure that they are both up to date and configured to ensure the best possible defence.

Hackers are becoming ever-more sophisticated, so your supplier must be on top of this 24/7. This is simple with tools currently available. So, there is no excuse for ineffective security software.

Number 3: Is my software up to date?

Lots of people think software updates are nothing more than an inconvenience. But, the latest version of your software is the most secure. So, your business’s safety could depend on whether your software is up to date.

It is your IT supplier’s responsibility to check and implement updates. They should also be able and willing to prove what they have done. Ask them how they do this, what is the status of each machine and what software they check.

At the very least, the list should include Microsoft Windows, and common 3rd party applications such as Adobe Reader, Java, Flash and all the Internet browsers you use.

cyber essentials questionnaire

Number 4: Is my firewall secure?

Your firewall is the first line of defence for your business. You don’t need to know what it does, you just need to know it works. Ask when your IT supplier last reviewed the security of your firewall. Confirm how they check and approve any changes. Also, ask to see firewall documentation and the results of any review in plain English.

Number 5: Are user accounts and passwords secure?

Usernames and passwords are the keys to your system. If a malicious party gets hold of them your system could be in danger. Make sure your IT supplier removes old accounts when people leave, that they enforce secure passwords and that they strictly control accounts with access to the entire system. Also, don’t forget to ask how your IT supplier protects you when their technicians come and go.

Number 6: Are my computers being set up in a secure way?

Ensure your IT supplier removes unnecessary software, disables auto-play, locks down administrator access and enables firewalls on every new business device. To ensure consistency, they should have a set process for setting up new devices that their technicians must adhere to. Be sure to ask for evidence of this.

Number 7: Are you checking for system alerts?

Computers are constantly monitoring activity and will alert you when something is wrong. Your IT supplier is responsible for monitoring these alerts, fixing them before they become a problem. Ask your supplier how they do this, how quickly they respond to problems and how far they will go to fix it.

Keep your business safe with Cyber Essentials accreditation

Every measure above is in line with the government-recognised Cyber Essentials accreditation. This is proof that your business has the minimum required policies in place to protect your system. This not only sets your mind at ease but shows customers they can trust you. This can lead to reputation benefits and extra business, benefiting your bottom line.

To take the first step towards accreditation why not download our Cyber Essentials Questionnaire. If you do, you’ll also receive four IT policy templates to help you get started and your business stay secure.

However, if after reading this article you have lost confidence in your current IT supplier you need to find one that you trust. Get in touch today to find out how we provide 24/7 protection to all our customers.

Cyber Essentials questionnaire 3

 

About The Author

David Watson

David Watson

David is managing director at Evolve and a keen runner.