Objective
Protect the company’s digital assets from cyber threats.
Policy
Endpoint Security:
- Install and regularly update antivirus and anti-malware software on all devices.
- Implement device encryption and enforce password policies.
Network Security
- Use firewalls to control incoming and outgoing network traffic.
- Regularly update and patch network devices and software.
Phishing and Social Engineering:
- Train employees to recognize and report phishing attempts.
- Implement email filtering and authentication mechanisms.
Incident Response:
- Develop an incident response plan outlining steps to take in the event of a cyber incident.
- Conduct regular drills to ensure a swift and effective response.
Software Security:
- Regularly update and patch all software applications.
- Conduct security assessments and code reviews for in-house developed applications.