EOFY comes around all too soon. While the end of the financial year is a stressful time for many, it’s also an opportunity to do (or better still – delegate) some essential technology housework.

These are the three tasks that we recommend should be on your must-do list:

1. Review your cyber insurance

While cyber insurance isn’t mandatory, given the growth in the volume and frequency of cyber-attacks, you’d be ill-advised to ignore the benefits. So, if you don’t already have it, we suggest you spend some time investigating the options available.

According to the Insurance Council of Australia (ICA), only about 20% of SMEs and 35-70% of larger businesses have standalone cyber insurance. ICA say that while all cyber insurance products are different, the range of assistance provided under a cyber policy includes coverage for forensic investigation, data restoration, customer notification and rectification, e.g., call centres, and indemnification of penalties imposed by government regulators.

And if the data breach is due to the malicious acts of a foreign government actor or criminal gang, says ICA, that coverage may include costs related to the services of a negotiator, legal advice to determine if any ransom payment is legal or reportable, and indemnification of the ransom the business decides to pay.

If you can’t afford cyber insurance (and yes, we know it can often represent a significant portion of your annual cybersecurity budget), then your options are to mitigate or accept the risk. Naturally, we’d never suggest accepting risk as an option, but there are many ways to help mitigate the impact of an attack with the right partner, products, and processes.

2. Check your backups are in order

It would be nice to think that backups are a matter of ‘set, forget, and walk away’, but that’s not a sound approach to protecting your data! You need a plan.

We suggest that you not only routinely check on your backups, so you know that should, and when you need them, they won’t let you down – but document your backup routines in case of emergency. Here are the four actions we recommend to keep things running smoothly:

  • Do a backup infrastructure check-up. If you’re still backing up locally, do a health check on your drives and devices to ensure they are performing to expectation and specification. And if you’re backing up to the cloud (which we strongly recommend), check that all your files are consistent in the storage.
  • Doublecheck – because data integrity is everything. Your backup solution should include a function to monitor the consistency of your data on the device or your cloud storage – so make sure it’s working.
  • Audit everything. Make sure that everything that should be backed up is backed up. For example, is the personal data collected by that clever new HR application on your backup list?
  • Check those security settings. How’s your data encryption (both in transit and at rest) looking? Are your file names sensitive – do they need to be encrypted as a matter of company policy so their contents aren’t a dead giveaway to cyber criminals? And who exactly has access to your backup data? The last thing you need is Sam, who left under a cloud 11 months ago, retaining access to your data.

3. Is your software licensing looking spiffy?

Take the time to do an audit on your software licensing. Make sure that it’s not only current but covers all users.

Make sure you’re up with the play with your Microsoft licensing and know when it rolls over by popping a reminder in your Outlook calendar.

Feeling overwhelmed?

We understand you may have other things on your mind at EOFY, so if housekeeping your technology is the last straw, then don’t forget you can always talk to us about an audit of your backups and licensing, and some sound advice about mitigating cyber risk.