IT security checklist for waste and recycling companies

WASTE & RECYCLING MANAGEMENT CHECKLIST

Yes

No

1. Educate your team and users

Create a Basic Program for Awareness.

To be effective, your program will need employee buy-in. Get them to understand the consequences of failing to think before they click. Design hands-on activities that demonstrate, for example, the damage a link within an email can do when it’s infected with malware.

[]

[]

2. Implement an audit on IT processes

Where are the vulnerabilities in your security?

An audit enables you to uncover your weak spots, assess your ability to deflect attacks, and test your cyber resiliency. You should also talk to employees as part of the process to find out if they’re adhering to company policy. Finally, take immediate action based on your findings, whether that’s addressing specific security issues or upgrading technologies.

Note: This is also the ideal time to ensure you’re compliant with data security laws.

[]

[]

3. Undertake a Patch Management Program

An astonishing 57% of cyberattack victims admit they could have prevented the breach by installing an available patch, according to a 2018 report by the Poneman Institute.

A mature security framework depends on the fast application of patches. The longer you wait, the longer the door is left open for bad actors. You’ll need to inventory all hardware and software. The patching process involves not only your servers but also endpoint devices.

Your Patch Management Program should include WSUS (Windows Server Updates Services), which allows companies to selectively approve updates, choose when they’re delivered, and determine which individual devices or groups of devices receive them. Microsoft’s SMS for Patch Management is another excellent resource.

[]

[]

4. Implement log monitoring

Improving incident response requires your log files. These are indispensable to properly troubleshooting application and system problems. Log monitoring software evaluates log events as they’re being recorded. Software isn’t absolutely necessary, but with many reliable solutions available, it makes the process more efficient. You can also configure alerts that notify you in real-time of incidents. You can undertake analysis immediately and get to the root of the problem faster.

[]

[]

5.  Fulfil a Vulnerability Management Program

Multiple compliance, audit, and risk management frameworks now require a Vulnerability Management Program. Part of your program will include reporting on the state of your network assets. Use a reputable vulnerability scanner for this.

Discovering how exploitable your system provides the intelligence to help you find the right balance between patching vulnerabilities and interrupting your company’s operations.

[]

[]

6. Implement Strong Authentication

Single-factor authentication – requiring only a username and password – is a low-security method and common vulnerability. Consider multi-factor authentication, or 2FA (two-factor authentication), to add an additional layer of security, which should be done at the very least.

Identity-based authentication is the preferred route to secure your cyberinfrastructure, but if you’re using legacy systems with outdated hardware and software, this won’t be possible. Identity-based authentication – as it applies to Microsoft Azure cloud – offers mature capabilities for secret rotation, lifecycle management, administrative delegation, and more.

[]

[]

7. Segment your network

Take an architectural approach and segment your network into smaller subnets, with each performing as its own network. Subnets use IP addresses to partition a network and define the subnet and devices inside those networks. You control the traffic flow between these subnets to protect assets, preventing unauthorized users from entering. By creating a layer of separation between servers, you can also minimize damage if there is a breach. If one network is compromised, network segmentation gives you time to respond before the attacker can reach another network.

[]

[]

 8. Use a Zero-Trust Network strategy

Trust no one – not even colleagues already inside the network perimeter. This is the premise behind a Zero Trust strategy, which involves creating a micro perimeter of control around critical data. By leveraging network segmentation to prevent lateral movement, the attacker’s efforts that went into breaching the network in the first place are wasted.

Zero Trust assumes that everything, from the device to the connection – even the user – is already compromised. This is not a specific technology. It’s strategy, and it needs to be part of your network segmentation architecture. Don’t neglect to apply Zero Trust to every endpoint device.

[]

[]

9. Migrate to Software as a Service (SaaS)

Working on the cloud does not reduce threats, but it does reduce your burdens in managing security. The provider takes away some of the responsibility for protecting your application server and systems, and that’s a good thing when you already have enough to do.

AMCS Platform, designed specifically for the waste and recycling management industry, is the best-in-class ERP leveraged on Microsoft Azure.

This is an important point because Microsoft Azure benefits from over £1 billion spent annually on security. It offers a level of protection that would be next to impossible to implement on-site.

[]

[]