The Small Business Security Pyramid
Minimum Must-Have Tactics
- Business Class Firewall
- Next-Generation Antivirus/EDR
- Advanced Email Threat Protection
- Onsite + Offsite +Offline Backups
- Multi-factor Authentication (MFA)
- AD/Cloud Security Hardening
- Monthly Security Inspection & Updates.
Highly Recommended Tactics
- Firewall with Intrusion Prevention System
- Encrypted Password Management
- Web Content & URL Filtering
- End-user Security Awareness Training
Advanced Tactics
- Centralized Mobile Device Management
- Annual Security Scan & Vulnerability Testing
- Annual IT/Security Policy Review & Updated
- Annual Business Continuity/Disaster Recovery Plan Update
Pro Level Tactics
- Regulatory Compliance Standards (eg. NIST 800-53, HIPAA, etc.)
- Organization-wide Data Encryption.
