We often meet with companies who have been stalling on cybersecurity. They know a breach happens every 39 seconds and that ransomware could shutter their business, but they fear picking the wrong solution or that the right solution far exceeds their budget. So, they do nothing.
If this is you in 2025, this simple guide will help you get started on your cybersecurity journey and have you sleeping better in no time.
Step 1: Vulnerability Assessment
A vulnerability assessment is typically done by running an automated tool. The tool includes a database of known vulnerabilities in software and network configuration. The tool probes the devices and applications on your network and generates a list of vulnerabilities graded on a scale from Critical to Low Risk. A trained technician can help you review the list and develop a mitigation plan.
The tool gives a perspective on the breadth and severity of risks in your environment. We suggest you engage a provider, and don’t be afraid to ask questions. The list is highly technical and is meant to facilitate a discussion that helps you balance the risk of a vulnerability against the time and cost to remediate.
Step 2: Basic Perimeter Security
The most basic and essential item for your perimeter is a firewall. The firewall protects devices inside your network by preventing access from outside. Configured correctly, the only way to access your network is by passing through the firewall (with authorization). Often companies employ a Virtual Private Network (VPN), which allows users to connect to applications or devices from their home or another location over the Internet. A VPN can also connect company offices together, making application access and data sharing easier. Proper configuration of a firewall is critical, as is maintaining subscriptions for applications that provide Intrusion Detection and other security services.
Also remember that proper administration of your network devices and applications is critical. Limiting user privileges helps contain a security incident if one of your user accounts is compromised.
Step 3: Endpoint Security
Threat actors are constantly probing to gain access to your endpoints, often through email and malicious websites. It is critical to have a product in place to prevent malware and ransomware. There are a wide variety of products to fill this need. MTSi commonly uses ThreatLocker, which is a Zero Trust tool that prevents all applications from running unless specifically allowed. We also use SentinelOne, which is an Endpoint Detection and Response (EDR) tool. In our view, anti-virus is no longer an option for protecting endpoints in a corporate environment because it is outdated.
You may have noticed that your bank and other institutions you deal with (electric company, phone company, etc.) have implemented multi-factor authentication. We strongly recommend multi-factor authentication for its power to prevent unauthorized access to user accounts.
At the very least, implement a zero trust or EDR solution to protect your users.
Step 4: Patching
Software vendors frequently release patches to resolve technical issues and to close security loopholes. Once a patch is applied, the security issue identified by the vendor can no longer be exploited. One of the biggest issues with patching is that companies assume that patches will be applied automatically. We often find (during vulnerability scans) that numerous machines have not had patches applied in a very long time.
Our recommendation is to use a patching tool that provides visibility into the patch status of all machines on the network. Without a patching tool, it becomes difficult and costly to administer routine patches and updates. Most MSPs provide this as part of their service.
Step 5: Monitoring
Now that you have some essential security in place, it is time to start monitoring so you know when there is a problem. Consider the following:
We met with an organization that bought a server with a hard disk configuration that could tolerate two disks failing. Three years after the server was installed, a disk failed. Months later, another disk failed. Six months later, the third disk failed and the server crashed. Had someone replaced either of the first two disks, that server might still be working normally. It failed because no one was aware of the problem, and this is why you need network monitoring.
Your systems are smart enough to know a fault or a threat is present. A monitoring solution collects this information from your devices and alerts someone who can respond. An alert can be anything from a user visiting a malicious website, to a disk failure, to an Internet connection going down.
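The disk-failure story above, as an added example that is not part of the original article or any vendor's product: a check that raises an alert on the first failed disk and escalates when no redundancy is left. It assumes a Linux software RAID host reporting in /proc/mdstat format; the sample text, the check_arrays name and the severity labels are constructed for illustration.

```python
import re

# Constructed sample in Linux /proc/mdstat format (an assumption; the article names no platform).
SAMPLE_MDSTAT = """\
Personalities : [raid1] [raid6] [raid5] [raid4]
md0 : active raid6 sdf1[5](F) sde1[4] sdd1[3] sdc1[2] sdb1[1] sda1[0]
      7813529600 blocks super 1.2 level 6, 512k chunk, algorithm 2 [6/5] [UUUUU_]

md1 : active raid1 sdh1[1] sdg1[0]
      976630464 blocks super 1.2 [2/2] [UU]

unused devices: <none>
"""

# Disk failures each level survives, given the member count n.
# raid10 is left out because its tolerance depends on which disks fail.
TOLERANCE = {"raid0": lambda n: 0, "raid1": lambda n: n - 1,
             "raid4": lambda n: 1, "raid5": lambda n: 1, "raid6": lambda n: 2}

HEADER_RE = re.compile(r"^(md\d+) : \w+ (raid\d+) ")
COUNT_RE = re.compile(r"\[(\d+)/(\d+)\]")   # [configured/working]

def check_arrays(mdstat_text):
    """Return (array, severity, failed_disks, failures_still_survivable)."""
    alerts, current = [], None
    for line in mdstat_text.splitlines():
        header = HEADER_RE.match(line)
        if header:
            current = header.groups()        # (name, level)
            continue
        counts = COUNT_RE.search(line)
        if current and counts:
            name, level = current
            current = None
            if level not in TOLERANCE:
                continue
            total, working = map(int, counts.groups())
            failed = total - working
            margin = TOLERANCE[level](total) - failed
            if failed > 0:
                # WARNING: degraded but still redundant. CRITICAL: next failure loses data.
                severity = "WARNING" if margin > 0 else "CRITICAL"
                alerts.append((name, severity, failed, margin))
    return alerts

if __name__ == "__main__":
    for alert in check_arrays(SAMPLE_MDSTAT):
        print("ALERT array=%s severity=%s failed=%d margin=%d" % alert)
```

In the story, the first failure would have produced the WARNING and the second the CRITICAL, months before the crash.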
Conclusion
While we have presented the basics here, we strongly recommend working with a qualified MSP to discuss your security needs. Your needs will vary based on the nature of the information you collect and any cybersecurity regulations that apply to your industry.
Reach out to our sales team to learn more.