Cyber security is an ongoing process, my IT Asset Management Template helps you to track what you have and the security controls in place

Keep track of your IT assets using our easy to use, colour coded Excel based template, aligned to the Cyber Essentials Certification, aimed at SMBs. The certification has over 39 specific questions that need to be tracked, many with multiple options, together with additional useful information to help address general IT security management.

 

Individual sheets cover desktops and laptops, servers & NAS, IaaS & PaaS, mobiles & tablets, network devices, printers & IoT, as well as a software inventory to track what each computer has installed. For ease each spreadsheet is split into the following sections:

Business Info -  information about the device specific to your organisation

System Info - information specific to your device when you acquired it that doesn't generally change

Cyber Essentials - information required to help pass Cyber Essentials accreditation

  -  Secure Configuration
  -  Device Locking
  -  Security update management
  -  User Access Control
  -  Administrative Accounts
  -  Malware protection

Accountability - information about who is filling out this document

The questions are tailored depending on the type of asset, with example answers for guidance. Even if there is no requirement to achieve Cyber Essentials certification, implementing the controls gives a good base level of security, and by filling in the asset template, a true picture of what there is to protect.

There are no fancy functions, just a few drop-downs to save typing, so it works in both Microsoft Excel and Google Sheets. Please note that filling out this template is not a guarantee that you will pass the Cyber Essentials certification, but it will go a long way to helping you pass. 

How to Report Incidents, Phishing Emails and Fraudulent Links

The quicker we report the bad stuff, the less chance it can affect others. 

12 Zero Cost Cyber Security Steps for Small Business

Improving cyber security in your business is not just about spending money. Here are 12 practical steps you can take that do not cost anything other than your time:

  1. Disable Adobe Flash to run automatically in a browser and only run when you say so.
  2. Remove Oracle Java from any machines that do not need it (see www.java.com)
  3. Remove Microsoft Silverlight from any machines that do not need it
  4. Run all users as standard users rather than as administrators in Windows
  5. Scan computers with an online scanner at least once a month from a different antivirus company than the one you have installed (for example Eset, Kaspersky, Sophos, Trend Micro)
  6. Educate your staff about the worst passwords of 2019 and not to use their year of birth as a phone PIN
  7. Encourage staff to use personal devices for personal internet use
  8. Block any email attachment that has executable content or the attachment's file extension matches .js or .lnk or .mht or .url or .wsf (for more info see Office365 tips)
  9. Make sure that you are using legitimate up to date software, keygen utilities often contain malware
  10. Install the Kaspersky® Anti-Ransomware Tool for Business (https://www.kaspersky.com/anti-ransomware-tool) if you are using Windows Defender as your only antivirus software.
  11. Consider changing your DNS settings to Quad9 (9.9.9.9) if you do not already filter DNS
  12. Show all File Name Extensions so you can spot program files posing as documents like SOMETHING.DOC.EXE or SOMETHING.PDF.EXE as the last dot and 3-4 characters would normally be hidden on Microsoft Windows machines

For more details & info about the above steps, see the latest version of my Internet Security Fundamentals eBook.

The Little Guides to... preventing fraud and cyber crime

The Metropolitan Police created the free Little series of books and videos to explain some of the most common scams and give advice on how to avoid falling victim to them. 

https://www.met.police.uk/police-forces/metropolitan-police/areas/campaigns/2019/little-guide-preventing-fraud/


9 Areas for True Cover
9 Areas for True Cover

How To Re-enable Windows 10 System Registry Auto-backup

Starting in Windows 10, version 1803, Windows no longer automatically backs up the system registry to the RegBack folder. You can re-enable it by configuring the following registry entry, and then restarting the computer:

 

HKLM\System\CurrentControlSet\Control\Session Manager\Configuration Manager\EnablePeriodicBackup

Type: REG_DWORD

Value: 1

 

For more info, see: https://support.microsoft.com/en-gb/help/4509719/the-system-registry-is-no-longer-backed-up-to-the-regback-folder-start

Useful Videos by Others