Stitcher for Podcasts

Get the App Open App
Bummer! You're not a
Stitcher Premium subscriber yet.
Learn More
Start Free Trial
$4.99/Month after free trial
HELP

Show Info

Episode Info

Episode Info: In this episode of The Power Up Project, we cover: >Part 5 of our five-part cyber security series – Conducting Security Audits >What is a cyber security audit? >A wrap up of our cyber security podcast series Transcript: In this episode, we talk about conducting security audits. Welcome back to the Power Up Project. It’s fantastic to have you here as we round out the final episode in our five-part series on our top cybersecurity defences for your business. So far in this series we have spoken about intelligent firewalls. We’ve spoken about cyber insurance. We have spoken yet again about multi-factor authentication. And in our last episode, we spoke briefly about cybersecurity awareness training for your staff. So in this episode we’re going to talk about security audits. Now, this is a very open-ended discussion. A security audit can be very simple, and cheap, and easy. A security audit can be very in-depth, and prolonged, and expensive. So it really is a bit of a piece of string here as to how you perceive the risk to your business, if you have any particular requirements for compliance with any particular regulations for example, or if you have a board who are concerned about this and need to be put at their ease. So at the simple end of the process, there are a number of routine scheduled checks that you can conduct yourself if you like, every three months perhaps, maybe more, maybe less, and check on some of the most common areas that can be a threat to your business. For example, one of the really easy ones that we see is user accounts left in place for staff who have left the business. So of course we all have a seamless process in place where our HR is tied into our IT department, so as soon as a staff member leaves the business, of course that automatically triggers down closure requests to the IT department to close down all the user accounts. We all have that, right? Of course we do. But sometimes a user account can slip through the cracks and be left in place when it shouldn’t be. So it’s a very simple matter then to run some reports, to log onto your systems, to check the user accounts in place, and tick them off against maybe a payroll report or something similar to make sure there are no extraneous user accounts left by the by. Now, that is just one simple example of how you can run these routine checks yourself to pick up on some of the low hanging fruit I guess, the easier and most common areas that are worth checking with a bit of a routine audit. As we climb up the scale in terms of sophistication and also, therefore, expense, we get into more technical audits, until we get to the high end of the scale when we’re talking about things like penetration testing, we’re talking about real-time monitoring of infrastructure with intrusion detection, we’re talking about a lot of these big words here. And when you get to that end of the scale, this is when we start talking, probably not to your generalist IT p...
Read more »

Discover more stories like this.

Like Stitcher On Facebook

EMBED

Episode Options

Listen Whenever

Similar Episodes

Related Episodes