6 Strategies for Macro Scale

February 27, 2017       THE NONPROFIT TIMES      

The potential for a breach in cybersecurity is great enough that organizations need to employ a host of methods to protect their systems from invasion.

Although specific instances might call for specific measures for security, there are broad-based steps employers can take to protect from damage caused by unthinking acts on the part of employees.

    At the Nonprofit Risk Management Center 2016 Risk Summit, Jim Jackson and Paul Henry, director of campus operations and IT and network administrator/engineer, respectively, at Momentous Institute, suggested a list of macro scale strategies to protect a system from invasion. They are:

  1. Enforce complex password requirements and password expiration policies for all users. Passwords should contain a minimum of eight characters including at least one number, one capital letter and one special character. Passwords should be changed at a minimum of every 90 days, preferably 45 days.
  2. Ensure network resources are properly controlled via the use of Access Control Lists (ACL’s).
  3. Use a hardened network security appliance (firewall) with a Host Intrusion Prevention System (HIPS) and an up-to-date maintenance agreement.
  4. Ensure all employee work stations are configured with an up-to-date SMB or Enterprise-grade antivirus client and software firewall.
  5. Adhere to other well-established network and computer security best practices as best as possible.
  6. Conduct quarterly network security self-assessment audits.
NonProfit  Times
The Leading Business Publication For Nonprofit Management