Educate personnel on appropriate preventive and reactive actions against known criminal schemes and social engineering threats, including how employees should respond in their respective positions and environments.
Scrutinize links contained in e-mails, and do not open attachments included in unsolicited e-mails.
Disable macros by default, and treat any attachment that prompts the user to enable macros or "enable content" as suspicious: that prompt is a common step in malware delivery.
Only download software — especially free software — from known and trusted sites.
Create a centralized Information Technology e-mail account for employees to report suspicious e-mails. If you have the ability to do so, flag suspicious e-mails as spam so that your service provider can analyze them.
Change network default passwords, configurations, and encryption keys. Use strong passwords that mix lower-case and upper-case letters, numbers, and symbols, and use two-factor authentication where available.
Have your company's IT professional(s) review, test, and approve the need for and compatibility of a patch or update before installing it on the operating system or software.
Monitor employee logins that occur outside of normal business hours.
Restrict access to the Internet on systems handling sensitive information. Utilize Web Content Filtering services on your firewall or UTM appliance if it supports them.
Install and regularly update anti-malware solutions, software, operating systems, remote management applications, and hardware firmware.
Never use the same login and password for multiple websites, platforms, servers, or networks.
Monitor for unusual traffic, especially over non-standard ports. Close all unused ports. Where possible, make "closed" the default for every port and open only the ports essential for Internet traffic, restricting each opened port to the specific hosts and destinations that need it.
Monitor outgoing data, and block connections to unknown IP addresses.
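To make the monitoring items above concrete, here is an added example (not part of the original advisory) that applies two of them to constructed sample data: it flags successful logins that occur outside an assumed business-hours window, and it flags outbound connections to non-allowlisted ports or to destinations outside an assumed set of known networks. The log format, the business-hours window, the allowed ports, and the known networks are all assumptions to adapt to your environment.

```python
"""Off-hours login and unusual-outbound-traffic checks over sample records.

Added illustration, not code from the original advisory. The business-hours
window, allowed ports, known networks, and log formats are assumptions.
"""
from datetime import datetime
import ipaddress
import re

# Assumed policy parameters: business hours are Mon-Fri 08:00-18:00 local time,
# only these outbound ports are expected, and these networks are known partners.
BUSINESS_START_HOUR = 8
BUSINESS_END_HOUR = 18          # exclusive
ALLOWED_OUTBOUND_PORTS = {53, 80, 443}
KNOWN_DESTINATIONS = [
    ipaddress.ip_network("203.0.113.0/24"),   # documentation range, stands in for a partner
    ipaddress.ip_network("10.0.0.0/8"),       # internal network
]

# Constructed sample lines in the style of an OpenSSH authentication log.
# 2024-03-05 is a Tuesday; 2024-03-09 is a Saturday.
SAMPLE_AUTH_LOG = """\
2024-03-05T09:15:02 sshd[2101]: Accepted password for alice from 10.0.1.20 port 51234 ssh2
2024-03-05T23:47:10 sshd[2188]: Accepted publickey for bob from 10.0.1.44 port 50211 ssh2
2024-03-09T11:02:33 sshd[2301]: Accepted password for alice from 10.0.1.20 port 52001 ssh2
2024-03-05T10:00:00 sshd[2350]: Failed password for root from 198.51.100.7 port 40000 ssh2
"""

# Constructed sample outbound connection records: timestamp, src, dst, dport, bytes.
SAMPLE_FLOWS = """\
2024-03-05T09:16:00 10.0.1.20 203.0.113.10 443 18234
2024-03-05T09:20:00 10.0.1.20 198.51.100.9 443 5120
2024-03-05T23:50:00 10.0.1.44 203.0.113.10 4444 900000
2024-03-05T12:00:00 10.0.1.30 10.0.2.5 445 2048
"""

# Only successful logins are of interest for the off-hours check.
LOGIN_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Accepted \w+ for (?P<user>\S+) from (?P<src>\S+) port \d+")


def is_business_hours(ts: datetime) -> bool:
    """True when ts falls on a weekday inside the assumed business window."""
    return ts.weekday() < 5 and BUSINESS_START_HOUR <= ts.hour < BUSINESS_END_HOUR


def off_hours_logins(log_text: str) -> list[dict]:
    """Return successful logins that occurred outside business hours."""
    findings = []
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if not m:
            continue  # failed attempts and unrelated lines are out of scope here
        ts = datetime.fromisoformat(m["ts"])
        if not is_business_hours(ts):
            findings.append({"time": m["ts"], "user": m["user"], "src": m["src"]})
    return findings


def is_known_destination(addr: str) -> bool:
    """True when addr lies inside one of the assumed known networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in KNOWN_DESTINATIONS)


def unusual_outbound(flow_text: str) -> list[dict]:
    """Flag outbound connections on non-allowlisted ports or to unknown addresses."""
    findings = []
    for line in flow_text.splitlines():
        ts, src, dst, dport, nbytes = line.split()
        reasons = []
        if int(dport) not in ALLOWED_OUTBOUND_PORTS:
            reasons.append(f"non-standard port {dport}")
        if not is_known_destination(dst):
            reasons.append(f"unknown destination {dst}")
        if reasons:
            findings.append({"time": ts, "src": src, "dst": dst,
                             "dport": int(dport), "bytes": int(nbytes),
                             "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in off_hours_logins(SAMPLE_AUTH_LOG):
        print("off-hours login:", f)
    for f in unusual_outbound(SAMPLE_FLOWS):
        print("unusual outbound:", f)
```

Run as written, the script reports the two off-hours logins (bob late on a Tuesday, alice on a Saturday) and three flagged flows (a known port to an unknown address, and two non-standard ports). In practice the same logic reads the real authentication log and the firewall or flow export, and the known-destination list is kept in step with the firewall's allow rules so that reviewing one reviews the other.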
Isolate sensitive information within the network, for example on its own segment. Where Active Directory is in use, apply its security features (security groups and group policy) to restrict who can reach that information.
Only allow required processes to run on systems handling sensitive information, and limit installed software to the minimum needed.
Implement two-factor authentication for access to all sensitive systems, e-mail accounts, and web portals used for financial transactions.
Ensure proper firewall rules are in place and review them monthly. Set a scheduled date/time to examine the rules and confirm that traffic patterns have not changed.
Search multiple search engines and Internet domains for company names, web addresses, key personnel, and projects to determine whether exposed information creates an accidental weak point in the network security.
Perform look-ups of your infrastructure in public sources (for example, DNS and WHOIS records) to ensure that additional information is not inadvertently advertised.
If possible, utilize the DHS National Cybersecurity Assessment and Technical Services (NCATS) team to scan your network's public IP addresses for risks, and make an action plan for fixing all known vulnerabilities.