//Assess

Small businesses face different challenges when it comes to cybersecurity. It's likey that your small business doesn't have an IT staff, let alone a cybersecurity team. Do you know what your vulnerabilities are? Do you know what and where your IT assets are?

CyberIQ uses the NIST (National Institute of Standards and Technology) Cybersecurity Framework to develop a baseline of your current state of security. We then use that as a guide to help you get to a state that's right for your particular small business.

A security framework assessment evaluates the effectiveness of your cybersecurity controls and provides actionable, realistic recommendations for improvement. The next steps are:

Internal Network Scan
First, we'll conduct an inventory of all of your IT assets - network equipment, computers, mobile devices, servers, software. Everything. After that, we run a vulnerability scan to find unpatched systems, outdated software and stuff you should just plain get rid of.

External Network Scan
Is your network vulnerable from the outside? What ports are open? What services are listening on those ports? Do those services have known vulnerabilities? An external scan will find out.

Website / Web Application Scan
How secure is your website and web applications? Are they vulnerable to cross-site scripting, request forgeries or SQL injection? Believe it or not, a lot still are - especially if your web developer's skillset does not extend beyond WordPress themes and plugins.

Wireless Network Scan
How secure is your wireless network? Have you segmented your business and public WiFi? Are your POS terminals on your free public WiFi? We're finding that a lot of small businesses aren't keeping these networks and devices separate.