Recommended cyber security policies and governance approaches include the following:
- Your organisational risk management processes include a cyber security component
- Cyber security incident response processes are well established
- You have implemented an end-user security policy – if you don’t have one, you can download our template and modify it to your organisation’s needs
- You’ve taken out cyber security insurance, if it is appropriate to your organisation’s needs.
Cyber security & the cloud
If you use cloud-based applications (often called SAAS or Software as a Service), such as a service delivery or finance system, you should confirm these are being kept properly secure. Contact your application provider and ask them:
- Do they have a backup plan, will you be able to access your data if their site goes down, and can they recover your data if it’s lost?
- What are your responsibilities for keeping data secure?
- Do they regularly update their software and servers to protect from emerging threats?
- Are there additional tools or add-ons you should use to enhance your data security?
- How do they dispose of data if you stop using their service?