RansomwareSafety Evaluation

You are encouraged to select the most appropriate answer for each question in order to have an accurate score.

Firewall / Network / Remote Access

Please select the options that apply to your firewall (If not sure, select None of the above)

Do you have network segmentation in place to protect critical servers and data to prevent the spread of ransomware? (If not sure, answer No)

Do you have Two-Factor Authentication (2FA) for administrative access? (Accessing Servers via the console or RDP, accessing management interface of your firewalls, switches, or any critical applications) (If not sure, answer No)

Do you have Remote VPN access protected by Two-Factor Authentication (2FA)? (If not sure, answer No)

Do you have a mechanism in place to block Remote VPN from unauthorized devices? (e.g., blocking users from their personal computers or laptops to connect remotely via VPN) (If not sure, answer No)

Do remote desktop protocol (RDP) (port 3389/TCP), file sharing protocol (port 22/TCP, 445/TCP), or similar alternatives face externally to the Internet?

Internet & Email Protection

Please select your outbound Internet policy approach (If not sure, answer Any)

Please select your outbound content filtering policy approach (If not sure, answer No Content Filtering)

Do you have Email security in place to stop spam, phishing emails, and block certain attachments? (If not sure, answer No)

Do you have secure Email access with Two-Factor Authentication (2FA)? (If not sure, answer No)

Do you have Email Security Awareness Training for end users in place? (If not sure, answer No)

Users / Workstations / Servers

Do you have an automatic patch management solution in place for workstations and servers ? (For Windows and 3rd party updates)? (If not sure, answer No)

Do you have an Enterprise / paid / subscription version of Endpoint Protection installed on all computers and servers? (Local or Remote Laptops) (If not sure, answer No)

Do you have end users with local admin rights on their computers?

Do you have policy in place to change passwords every 120 days? (If not sure, answer No)

Do you have a minimum password length and complexity policy in place? (If not sure, answer No)

Backup Availability Assurance

Do you follow 3-2-1 backup rule? (3 copies of your data on two different media with one copy off-site for disaster recovery)? (If not sure, answer No)

Do you have a backup solution that supports immutable backup? (Once the backup data is written, it can’t be altered, modified, or deleted for a selected period) (If not sure, answer No)

Do you have a backup server isolated in a separate VLAN and protected with Two-Factor Authentication (2FA)? (e.g., The backup server can’t be accessed from a user’s computer or the VLAN and is only allowed from certain IPs) (If not sure, answer No)

Do you test and verify your Backup and DR at least once annually? (If not sure, answer No)

Monitoring / Threat Intelligence / Response

Do you have any real time threat intelligence on your most recent ransomware or threat attack? (If not sure, answer No)

Do you have SIEM (Security Information and Event Management) solution in place to store, analyze and retain all the critical services logs for at least 90 days? (e.g., Firewall, Domain Controller, VPN, Radius Server, Hypervisor, Cloud applications – Office 365, AWS)(If not sure, answer No)

Do you perform security assessments like vulnerability assessments on organizational assets on a regular basis? (If not sure, answer No)

Do you have Cyber Incident Response Plan (CIRP) in place? (If not sure, answer No)

Company Details