Cyber Security

Top 13 Cybersecurity Controls for Midmarket Enterprises

Midmarket companies can be seen as soft targets for bad actors since IT and security budgets are not as robust compared to larger enterprises. Drawing on the SANS Top 20 Critical Security Controls, Kraft Technology Group (KTG) has gathered a list of cyber security controls which will greatly reduce the risk of a security incident and provide your company with a strategic advantage. Similar to Kraft Enterprise Systems, KTG is part of the KraftCPAs family of companies.

Inventory of authorized devices

The company should actively inventory all hardware devices on the network including all network-connected devices, servers, and workstations. Unauthorized or unmanaged devices should be easily identified.

Can Kraft Technology Group (KTG) help? Yes, our managed IT solutions include an asset discovery and inventory component. Also, our field service team can assist with creating network diagrams and data flow diagrams.

Inventory of authorized software

The company should actively inventory all software installed in the environment, including servers and workstations. Authorized software and unauthorized software should be cataloged, and a system should be in place to alert about unauthorized software. If possible, the system should prevent unauthorized software from executing.

Can KTG help? Yes, our managed IT solutions include a software inventory with alert mechanisms for blacklisted/unauthorized software. Our endpoint security solutions have the ability to prevent unauthorized software from executing.
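The two inventory controls above both reduce to the same reconciliation step: compare what discovery actually finds against what the company has authorized, and surface the differences. The following is an added example (not KTG's tooling or the page's own code) that performs that reconciliation for both hardware and software, and goes slightly beyond the text by also reporting authorized devices that discovery did not see. The device list, the approved-software catalogue and the scan results are constructed sample data; the field names are assumptions.

```python
"""Reconcile discovered devices and installed software against authorized baselines.

Added example, not KTG's code. All inventories and scan results below are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Device:
    mac: str        # hardware address, used as the stable identity across scans
    hostname: str
    managed: bool   # True when a management agent is expected to report on it


# Constructed authorized hardware inventory (what the company believes is on the network).
AUTHORIZED_DEVICES = {
    "00:11:22:33:44:01": Device("00:11:22:33:44:01", "fs01", managed=True),
    "00:11:22:33:44:02": Device("00:11:22:33:44:02", "ws-accounting-07", managed=True),
    "00:11:22:33:44:03": Device("00:11:22:33:44:03", "printer-2f", managed=False),
}

# Constructed approved-software catalogue keyed by package name.
APPROVED_SOFTWARE = {"Microsoft Office", "Google Chrome", "7-Zip", "Adobe Acrobat Reader"}

# Constructed results of a network discovery sweep (assumed field names).
DISCOVERED = [
    {"mac": "00:11:22:33:44:01", "hostname": "fs01", "agent_seen": True},
    {"mac": "00:11:22:33:44:02", "hostname": "ws-accounting-07", "agent_seen": False},
    {"mac": "AA:BB:CC:DD:EE:FF", "hostname": "unknown-laptop", "agent_seen": False},
]

# Constructed per-host software inventory as reported by the management agent.
INSTALLED = {
    "fs01": ["Microsoft Office", "7-Zip"],
    "ws-accounting-07": ["Google Chrome", "Personal Cloud Sync", "Torrent Client"],
}


def reconcile_devices(discovered, authorized):
    """Return (unauthorized, unmanaged, missing) device lists.

    unauthorized: discovered but not in the authorized inventory
    unmanaged:    authorized and expected to be managed, but no agent reports on it
    missing:      authorized but not seen by discovery at all
    """
    unauthorized, unmanaged, seen = [], [], set()
    for d in discovered:
        mac = d["mac"].lower()
        seen.add(mac)
        if mac not in authorized:
            unauthorized.append(d)
        elif authorized[mac].managed and not d.get("agent_seen", False):
            unmanaged.append(d)
    missing = [dev for mac, dev in authorized.items() if mac not in seen]
    return unauthorized, unmanaged, missing


def reconcile_software(installed_by_host, approved):
    """Return {hostname: sorted list of packages not in the approved catalogue}."""
    findings = {}
    for host, packages in installed_by_host.items():
        unapproved = sorted(p for p in packages if p not in approved)
        if unapproved:
            findings[host] = unapproved
    return findings


if __name__ == "__main__":
    unauth, unmanaged, missing = reconcile_devices(DISCOVERED, AUTHORIZED_DEVICES)
    print("Unauthorized devices:", [d["hostname"] for d in unauth])
    print("Unmanaged devices:   ", [d["hostname"] for d in unmanaged])
    print("Missing devices:     ", [d.hostname for d in missing])
    print("Unapproved software: ", reconcile_software(INSTALLED, APPROVED_SOFTWARE))
```

Feeding the output into a ticketing or alerting system is what turns this from a report into the "alert about unauthorized software" mechanism the control asks for; the MAC address is used as the identity here because hostnames are easy to change, but any stable identifier the discovery tool provides will do.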

Secure configurations for hardware and software on devices

The company should establish and implement secure configurations for all devices deployed in the environment. Hardware and software configurations should remain secure through proper change management and continuous patch management.

Can KTG help? Yes, our field service team can provide secure deployment configurations to apply to hardware and applications. Our managed IT solutions provide a solution to track change requests, patch operating systems, and patch applications.

Network defense

The company should implement network-based firewall and intrusion prevention/detection systems to control data flow between networks. The system should inspect all traffic passing between networks including encrypted traffic.

Can KTG help? Yes, our managed security solutions provide fully managed next generation firewalls with integrated intrusion prevention and detection functionality and SSL decryption. Our team maintains the configuration and responds to alerts as required.

Continuous vulnerability assessment and remediation

The company should be continuously monitoring network-connected devices for vulnerabilities and have a remediation plan to ensure the vulnerabilities are not exploited.

Can KTG help? Yes, our managed security solutions offer the ability to assess vulnerabilities for any device supported by our Security Information & Event Management (SIEM) solution. Remediation efforts can be handled by our field service team.

Controlled use of administrative privileges

The company should tightly control administrative privileges on the network and within applications.

Can KTG help? Yes, our field service team can help with remediating expansive permissions in Active Directory, line of business applications and network devices. Our SIEM solution provides monitoring for changes to privileged security groups and accounts. Our Service Desk provides resources to help employees make necessary administrative changes to their workstations and applications.
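Monitoring changes to privileged security groups, as mentioned above, is one of the most useful detections for this control. The following is an added example (not KTG's SIEM content or the page's own code) that scans constructed, SIEM-style audit lines and raises an alert whenever an account is added to or removed from a group on a privileged list. The line format and the privileged-group list are assumptions; the event IDs are the Windows Security log IDs for members being added to (4728, 4732, 4756) or removed from (4729, 4733, 4757) security-enabled groups.

```python
"""Flag membership changes to privileged security groups in audit log lines.

Added example, not KTG's code. The log line format below is an assumption and
the sample lines are constructed.
"""
import re

# Windows Security event IDs: member added to / removed from a security-enabled group.
ADD_EVENTS = {4728, 4732, 4756}
REMOVE_EVENTS = {4729, 4733, 4757}

# Groups treated as privileged (assumption; tune to the environment).
PRIVILEGED_GROUPS = {
    "Domain Admins", "Enterprise Admins", "Schema Admins",
    "Administrators", "Account Operators",
}

# Assumed normalized format: "<timestamp> <event_id> Subject=<who> Group=<group> Member=<account>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<event>\d+)\s+Subject=(?P<subject>\S+)\s+"
    r"Group=(?P<group>.+?)\s+Member=(?P<member>\S+)$"
)

# Constructed sample lines: two privileged additions, one non-privileged addition,
# one unrelated logon event, and one privileged removal.
SAMPLE_LINES = r"""
2024-03-01T09:12:03Z 4728 Subject=CORP\jdoe Group=CORP\Domain Admins Member=CORP\svc-backup
2024-03-01T09:15:44Z 4732 Subject=WS07\localadmin Group=WS07\Administrators Member=CORP\asmith
2024-03-01T09:20:10Z 4728 Subject=CORP\jdoe Group=CORP\Marketing Member=CORP\bjones
2024-03-01T09:21:00Z 4624 Subject=CORP\bjones logon type 2
2024-03-01T10:02:31Z 4729 Subject=CORP\it-admin Group=CORP\Domain Admins Member=CORP\old-contractor
""".strip().splitlines()


def parse_line(line):
    """Return a dict for a group-membership line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["event"] = int(rec["event"])
    # Strip the "DOMAIN\" prefix so the group name can be matched against the list.
    rec["group_name"] = rec["group"].split("\\", 1)[-1]
    return rec


def find_privileged_changes(lines):
    """Return one alert dict per add/remove event that touches a privileged group."""
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["event"] not in ADD_EVENTS | REMOVE_EVENTS:
            continue
        if rec["group_name"] not in PRIVILEGED_GROUPS:
            continue
        action = "added to" if rec["event"] in ADD_EVENTS else "removed from"
        alerts.append({
            "time": rec["ts"],
            "subject": rec["subject"],
            "member": rec["member"],
            "group": rec["group_name"],
            "action": action,
        })
    return alerts


if __name__ == "__main__":
    for a in find_privileged_changes(SAMPLE_LINES):
        print(f'{a["time"]} ALERT {a["member"]} {a["action"]} {a["group"]} by {a["subject"]}')
```

Removals are reported alongside additions because an unexpected removal (for example of a break-glass account) is itself worth a look; in practice each alert would be checked against the change-management record that the "Secure configurations" control requires.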

Multifactor Authentication

The company should enforce multifactor authentication for all critical systems, including email, applications with access to personally identifiable information or protected health information, and systems hosting intellectual property.

Can KTG help? Yes, our managed IT solutions offer a best-of-breed solution to add MFA to a wide variety of internal systems.

Email defense and web content filtering

The company should provide a mechanism to reduce email-borne risks by analyzing email traffic and removing known threats, while also combating email fraud such as phishing. The company should also protect employees and the network against web browsing threats.

Can KTG help? Yes, our managed IT solutions provide a cloud-based email security gateway to protect against malware, phishing, and imposter threats. As part of our advanced endpoint protection, we provide web content filtering to protect against botnets, inappropriate web content, malicious command and control activity, and drive-by downloads. Inspection and protection of encrypted traffic is supported.

Endpoint malware defense

The company should protect the endpoint devices against known malware, file alteration, and unnecessary lateral communication.

Can KTG help? Yes, our managed security solutions provide multiple endpoint agents working in conjunction to prevent the initial infection, prevent the spread of malicious traffic, prevent the execution of unauthorized software, and prevent unnecessary lateral movement on the network.

Data recovery capability

The company should ensure the proper backup and disaster recovery procedures are in place and operating as expected on a continual basis.

Can KTG help? Yes, our managed IT solutions can include a recovery-in-place DR solution coupled with a recovery-to-cloud DR solution, along with documented steps for recovery to be included in a Business Continuity Plan. Our field service team can facilitate regular functional disaster recovery testing to satisfy compliance requirements and to ensure your systems will operate as expected in a disaster.

Security awareness training

The company should provide its employees with ongoing and engaging security awareness training. Testing of the controls and of employee behavior should be included in the training program. The program should be designed to hold both management and employees accountable.

Can KTG help? Yes, our managed security solutions include an online security awareness program that includes an annual security training program, weekly security tips, monthly in-depth security topics, phishing testing, and a management portal.

Incident response plan

The company should create an incident response plan appropriate for the size and scale of the business. The plan should identify participants, systems, and critical third-party contacts. The plan should be tested at least annually.

Can KTG help? Yes, our virtual CIO services can work with your management team, third-party providers, and other consultants to ensure all the elements of your IRP are in place. Our vCIO services may not be able to provide everything required to fully stand up your IRP, so we will help craft a plan to bring in the necessary elements from other resources inside or outside the organization.

Continuous risk assessments

The company should implement a methodology to regularly perform technology risk assessments. This should include third-party external and internal vulnerability assessments, IT risk assessments, and any compliance-driven assessments appropriate for the company's industry.

Can KTG help? KTG recommends engaging our Risk Assurance & Advisory Team at KraftCPAs to provide an independent view of your environment.

Kraft Technology Group considers the content in this document to be proprietary intellectual property and confidential in nature. This document shall not be shared or reproduced without the written consent of Kraft Technology Group. Kraft Technology Group provides Technology Consulting, Managed I.T. Security, Network Support and Managed I.T. Services. KTG’s mission is to empower small and midsize businesses to efficiently & securely utilize best of breed technology, so they can focus on reaching and exceeding their strategic goals. For more information please use our contact page.