The Top 10

These ten elements are critical to your organization’s security plan. If you are looking for somewhere to start, look here first.

1

Conduct regular security training
within your organization

2

Be alert to phishing and have a
reporting system

3

Use encryption for all
communication - end-to-end
when possible

4

Require strong passwords and
implement a password manager
across your organization

5

Require two factor
authentication wherever
possible

6

Ensure all staff devices and
software are kept up to date

7

Use secure cloud storage

8

Use HTTPS and, if appropriate a
VPN, for accessing the internet

9

Protect your organization's
physical assets

10

Develop an organizational
incident response plan