Entysis360 Assessment

Entysis360

Step 1 of 6

16%

Clients

Important data on PCs is backed up

Yes

Application whitelisting is utilized and tested.

Yes

Operating systems are up-to-date.

Yes

Operating system updates are consistently applied.

Yes

Applications are standardized and approved.

Yes

Application software is up-to-date.

Yes

Application software updates are consistently applied.

Yes

Users do not have administrative privileges on workstations.

Yes

Users cannot easily obtain administrative privileges on workstations.

Yes

Microsoft Office suite macros are disabled.

Yes

Adobe Flash browser plugins are disabled.

Yes

Adobe Reader browser plugins are disabled.

Yes

Java browser plugins are disabled.

Yes

Silverlight browser plugins are disabled.

Yes

Outdated plugins and add-ons are disabled or removed from all browsers.

Yes

Ad blocker software (or mechanisms) are employed to address the threat of malicious ads.

Yes

Removable media use is prohibited (administratively).

Yes

Removable media use is prohibited (technologically).

Yes

Firewalls have been installed and configured to permit acceptable traffic only.

Yes

File integrity monitoring is employed for critical system files.

Yes

A host-based intrusion prevention solution is employed on all workstations.

Yes

The Show "File name extensions" option is turned on for all workstations.

Yes

The Volume Shadow Copy Service is disabled on all workstations.

Yes

Auto-play features are disabled.

Yes

Software Restriction Policies are used to keep executable files from running when they are in specific locations in the system (ProgramData, AppData, Temp, Windows\SysWow, etc.).

Yes

Total Client Score

Storage

Backups are stored online and offline (not network connected, not through the synchronized live storage, etc.)

Yes

Live cloud storage systems (Dropbox, Google Drive, OneDrive, etc.) are not connected full-time.

Yes

Live cloud storage systems (Dropbox, Google Drive, OneDrive, etc.) are backed up daily (or more often).

Yes

File storage is periodically scanned for the presence of unusual (and potentially malicious) files.

Yes

Backups of all critical applications are taken on a daily basis.

Yes

Backups of all critical file systems are taken on a daily basis.

Yes

Backups are verified as restorable (entire file systems and entire servers)

Yes

Practices

Users are regularly reminded to never open spam emails or emails from unknown senders.

Yes

Users are regularly reminded to never download attachments from spam or suspicious emails.

Yes

Users are regularly reminded to never click links in spam or suspicious emails.

Yes

An incident management process has been formally and specifically defined for handling ransomware attacks.

Yes

Incident management processes related to a ransomware attack have been tested.

Yes

Threat intelligence has been formalized to include ransomware.

Yes

Users are trained on how to identify ransomware early.

Yes

Users are trained on how to respond to ransomware quickly.

Yes

Administrators/Incident Handlers have been trained to identify ransomware attacks.

Yes

Administrators/Incident Handlers have been trained to handle ransomware attacks.

Yes

Antivirus

Reliable, paid-for antivirus software is installed on all workstations.

Yes

Reliable, paid-for antivirus software is installed on all servers.

Yes

Reliable, paid-for antivirus software is centrally managed.

Yes

Reliable, paid-for antivirus software is updated even when the client is not connected to the organization's network.

Yes

Reliable, paid-for antivirus software is equipped with an automatic update feature.

Yes

Reliable, paid-for antivirus software is updated at least daily.

Yes

Reliable, paid-for antivirus software is equipped with a realtime scanning feature that is enabled on all systems.

Yes

Reliable, paid-for antivirus software is equipped with a heuristic/anomaly engine.

Yes

Reliable, paid-for antivirus software is equipped to inspect compressed and archived files.

Yes

Anti-ransomware protection is installed and tested.

Yes

Network

A managed Web filtering solution is employed; a whitelist is enforced.

Yes

A managed Web filtering solution is employed; a blacklist is enforced.

Yes

HTTP traffic is inspected for the presence of malware.

Yes

HTTPS traffic is inspected for the presence of malware.

Yes

FTP is not a permitted download protocol.

Yes

FTP traffic is inspected for the presence of malware.

Yes

SMTP traffic is inspected for the presence of malware.

Yes

Email attachments are not permitted (technologically).

Yes

All externally-accessible information resources are protected with multi-factor authentication.

Yes

Compressed and archived files are inspected for the presence of malware.

Yes

RDP is not permitted from the Internet to any server on the internal network.

Yes

Potential network side channels such as rogue access points, Bluetooth, and infrared ports are disabled.

Yes

Critical systems are isolated (only permitted explicit traffic).

Yes

Servers

Servers have been hardened according to a documented baseline configuration.

Yes

Unecessary services have been disabled on all critical servers.

Yes

File integrity monitoring is employed for critical system files.

Yes

A host-based intrusion prevention system is employed on all critical servers.

Yes

All file shares are inventoried.

Yes

Access is restricted to all file shares according to explicit need-to-know requirements.

Yes

Second Choice

Directory and file permissions are restricted to explicit need-to-know requirements through file shares.

Yes

Remote Desktop is disabled on all critical servers where it is not specifically required.

Yes

Software Restriction Policies are used to keep executable files from running when they are in specific locations in the system (ProgramData, AppData, Temp, Windows\SysWow, etc.).

Yes

Entysis360

Clients

Storage

Practices

Antivirus

Network

Servers

About

Work with Us

Resources

Contact

E360 Assessment

Entysis360

Clients

Storage

Practices

Antivirus

Network

Servers

About

Work with Us

Resources

Contact