Critical controls

Each year, we review our critical controls against the incidents we have seen over the past 12 months. When correctly im

Providing a password manager for your staff to store their passwords, or other secrets like alarm codes, is a great way

Limiting and securing your internet-exposed services will help you prevent unauthorised access.

While macros have a valid business function, they are often used by attackers too. Using secure default configurations w

When paired together, segmentation and separation can add an additional level of access control and security to your net

Storing and securing your logs in a central place makes log analysis and alerting easier.

After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and

The principle of least privilege means only having the access you need to do your job. Restricting the level access to o

You can authenticate with something you know, something you have, or something you are. Multi-factor authentication (MFA

Application allowlisting (otherwise known as whitelisting) is a method of strictly controlling what programs can be run

Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays

Report an issue relating to COVID-19 vaccine scams or misinformation.