Cyberscore plugin test

We maintain an inventory of all workstations, servers and network equipment and we have implemented a sustainable hardware refresh cycle.

We utilize an incident ticketing system, we provide our management team with regular response and resolution time reports and the results of those reports are meeting the organization's expectations.

Our wireless network prevents guests from accessing our internal network and employees have unique usernames and passwords assigned for wireless access.

Our office locations utilize redundant internet service provider connections, and our firewall or router automatically swaps connections in the event of an outage.

Our servers and network equipment are protected with uninterruptible power supply units that maintain a minimum of 10 minutes runtime and automatically power down servers hosting critical data.

The level of cybersecurity insurance carried by our business is adequate to protect our organization and our clients from financial loss.

I am confident that we have the proper cybersecurity software deployed to protect personal and corporate data from attacks such as phishing and ransomware.

We use single sign on and two-factor authentication across all critical line of business applications such as Office 365, our ERP system and remote access.

We engage with all organization employees and properly train them to identify ransomware, phishing and social engineering attacks coming from email, text message and web sites.

All organization IT systems and devices that contain PII or sensitive company information are encrypted to protect against loss or left.

We apply regular server and workstation security patches and updates across our technology infrastructure.

We have a properly segmented corporate network (meaning workstations, servers, phones and guests are kept in separate logical networks).

We perform a regular network vulnerability scan and have archived all historical scan data for reporting and compliance purposes.

We have a written information security policy (WISP) that has been agreed to by all employees.

We are meeting all state and federal compliance requirements such as HIPAA, PCI DSS, FINRA and the New York SHIELD Act and we are confident we would pass an audit.

We proactively monitor our server and cloud infrastructure for failures and performance issues so that business affecting problems can be prevented.

We regularly review our backup strategy, and we adhere to a documented process for backup frequency, retention and location.

We perform regular backup recovery testing, and we have a clear time objective for restoring critical systems and data.

Along with our management team, we understand how our technology infrastructure supports our key business processes and we have calculated our costs of technology infrastructure downtime.

We have a well-defined disaster response team with clearly defined roles, responsibilities and communication protocols.

The organization's management team views technology as an investment, not a cost and they agree to implement best practices when recommended by the IT team.

We perform a regular technical alignment assessment to identify areas of our technology infrastructure that do not meet best practices.

We meet regularly as a team to assess risk, discuss strategy and perform IT budget planning for our organization.

We have a clear process for making IT related decisions in our organization, a project plan is agreed upon before implementation and communication within our organization is clear and consistent.

We consistently bring advances in technology to the attention of our management team, which increase employee productivity and gives us an edge over our competitors.