[{"@context":"https:\/\/schema.org\/","@type":"BlogPosting","@id":"https:\/\/univista.com\/posts\/the-ping-security-plan\/#BlogPosting","mainEntityOfPage":"https:\/\/univista.com\/posts\/the-ping-security-plan\/","headline":"The Ping: Security Plan","name":"The Ping: Security Plan","description":"Do you have a Security Plan in place for your business? Is creating a Security Plan worth your time? Find out more about what it can do for you!","datePublished":"2019-06-28","dateModified":"2019-07-02","author":{"@type":"Person","@id":"https:\/\/univista.com\/posts\/author\/corie-bogan\/#Person","name":"Corie Bogan","url":"https:\/\/univista.com\/posts\/author\/corie-bogan\/","identifier":5,"image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/1cc33ae534ef31a23f9281fa0d638eb45e31ff2282dc8fabaf8cec72af5f1961?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1cc33ae534ef31a23f9281fa0d638eb45e31ff2282dc8fabaf8cec72af5f1961?s=96&d=mm&r=g","height":96,"width":96}},"publisher":{"@type":"Organization","name":"UniVista","logo":{"@type":"ImageObject","@id":"https:\/\/univista.com\/wp-content\/uploads\/2018\/03\/Univista-Logo-e1522352689794.png","url":"https:\/\/univista.com\/wp-content\/uploads\/2018\/03\/Univista-Logo-e1522352689794.png","width":600,"height":60}},"image":{"@type":"ImageObject","@id":"https:\/\/univista.com\/wp-content\/uploads\/2019\/06\/Security-Alert.png","url":"https:\/\/univista.com\/wp-content\/uploads\/2019\/06\/Security-Alert.png","height":1228,"width":1920},"url":"https:\/\/univista.com\/posts\/the-ping-security-plan\/","about":["BUSINESS CONTINUITY","compliance","disaster recovery","malware","network","PCI DSS","planning","safety","Security","Security Alert","The Ping","update","virus","vulnerability"],"wordCount":948,"keywords":["cjis","compliance","cybersecurity","disaster recovery","malware","pci","Security","updates"],"articleBody":"ShareTweet                                        By&nbsp;now you&nbsp;should have trained your employees on what an attack might look like. Now what? Training an employee is half the battle. Not only do they need to know what NOT to do, they need to know what TO DO when a challenge presents itself.&nbsp; Next, employees need to be aware of&nbsp;internal changes&nbsp;that&nbsp;could&nbsp;directly impact them or their environment,&nbsp;and what to do in case your company does fall victim to an attack. One might call this a Security Plan&#8230;&nbsp;What is a Security Plan?&nbsp;A security plan is a formalized plan that specifies how you\u2019re protecting your data and business. It also lays out a plan of action for your company and employees in case a security breach does occur. While this might seem like a simple or generic idea, having the ability to customize the complexity of this plan in order to satisfy your company\u2019s needs is an integral part of having a&nbsp;transparent&nbsp;security dialogue. If a breach ever occurs with your team, do your employees know what steps to take? A security plan specifies&nbsp;each of these steps in detail.&nbsp;&nbsp;&nbsp;How can it help your company?&nbsp;Many companies have some type of compliance they are required to adhere to. Whether it\u2019s CJIS (Criminal Justice Information Services) or PCI (Payment Card Industry), security plans needs to be in place to ensure industry standards are being followed.&nbsp; If compliance is something new to your company, you might not be aware of how to ensure&nbsp;these&nbsp;requirements are being satisfied. Compliance (learn more here&nbsp;The Ping: What Is Compliance?) can add many factors to a security plan that you might not have been aware of previously.&nbsp;&nbsp;Security Plan Details&nbsp;So now you\u2019re thinking, \u201ca Security Plan is a good idea, but where would I even begin?\u201d Security plans can include several different aspects that tailor to your&nbsp;individual&nbsp;company&#8217;s specific requirements. Here are&nbsp;some of the most common:&nbsp;&nbsp;Make sure your Password Complexity rules are strict. Some simple updates can greatly improve&nbsp;your security:&nbsp;Use a minimum of 7 characters for your passwords.&nbsp;Use both upper- and lower-case letters (e.g.,&nbsp;A,a,B,b, etc.).&nbsp;Use non-alphanumeric characters (e.g., 1, 2,&nbsp;3,!,&nbsp;@, etc.).&nbsp;For&nbsp;more&nbsp;information, check out&nbsp;The Ping: Security in Public Places&nbsp;Keep your antivirus up-to-date!&nbsp;Most updates to antivirus software include safeguards against the most recent methods of attack.&nbsp;Exercise&nbsp;caution when using&nbsp;Public&nbsp;WiFi. Data sent over a public Wi-Fi can be easily intercepted.&nbsp;For more information, check out&nbsp;The Ping: How&nbsp;To&nbsp;Avoid Getting Hacked&nbsp;Social Media is here to stay, but what does your company allow their employees to post? Should your employees be allowed to access social media while at work?&nbsp; A BYOD (bring your own device) or Acceptable Use Policy would help address&nbsp;exactly&nbsp;what your users can and cannot&nbsp;do&nbsp;while using your systems and\/or equipment.&nbsp;Removeable devices such as USBs or hard drives can contain viruses that immediately download to a network when attached to a desktop or server. Make sure to limit their usage to trusted sources.&nbsp;Physical Security! How accessible is your network to non-employees?&nbsp;Vendors? Janitorial services?&nbsp;Designated Security Officer&nbsp;A new approach to trying to resolve these issues is to designate a \u201csecurity officer\u201d within the company. This individual would help to ensure employees are being compliant.&nbsp;If&nbsp;these new&nbsp;found tasks are this designated individual&#8217;s secondary responsibility, the likelihood that they will be able to effectively monitor staff progress significantly declines. Teaching the importance of cybersecurity to your employees can help&nbsp;convey&nbsp;the importance of staying cybersecurity diligent. Personal and direct language like \u201cwe\u2019re counting on you\u201d and \u201cit\u2019s up to all of us\u201d from influencers and company leadership can help reiterate to employees that cybersecurity is indeed essential to the company and deserves their attention. When employees start to take ownership on what the consequences could be, they will make more of an effort to be cautious in the future. The \u201cHuman Firewall,\u201d as we discussed in&nbsp;The Ping: The Human Firewall, is another best practice to instill in your Security Plan.&nbsp;If you are not able to dedicate a designated security officer, who is responsible for ensuring these best practices are implemented? This is where your friendly, neighborhood MSP (Managed Service Provider) comes into play. We have years of experience with proactively creating, implementing and monitoring security guidelines&nbsp;so&nbsp;that&nbsp;you can focus on running day to day operations. However, occasionally a security officer&nbsp;may be&nbsp;necessary to help meet your compliance requirements. In these cases,&nbsp;an MSP can&nbsp;work directly with those individuals&nbsp;to help educate them on planning for your company\u2019s compliance needs.&nbsp;&nbsp;If you\u2019re still questioning what a Security Plan is and how it can affect you and your team, let us know! We are happy to walk you through planning the next steps of creating a customized Security Plan. Or,&nbsp;if you&nbsp;would&nbsp;like to look&nbsp;over&nbsp;an example to see how&nbsp;a Security Plan can benefit your company, we\u2019re happy to send one over!&nbsp;&nbsp;Your UniVista Team*Celebrating 20 Years of Customer Satisfaction*ShareTweet                                        "},{"@context":"https:\/\/schema.org\/","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Posts","item":"https:\/\/univista.com\/posts\/#breadcrumbitem"},{"@type":"ListItem","position":2,"name":"The Ping: Security Plan","item":"https:\/\/univista.com\/posts\/the-ping-security-plan\/#breadcrumbitem"}]}]