Protect identities first
Accounts are often the doorway to business systems. Make access intentional and remove it promptly when roles change.
- Use multi-factor authentication where available
- Avoid shared user accounts
- Review administrator access
- Document offboarding
Keep devices current
Supported operating systems, application updates, endpoint protection, and encryption create a stronger baseline.
- Apply security updates
- Replace unsupported systems
- Use managed endpoint protection
- Require device lock screens
Prepare for recovery
Backups are most useful when the organization knows what is protected, who owns recovery, and how restoration will be prioritized.