Business Security Score 1Start 2Physical Security 3Policies 4User Management 5Computer Management 6Mobile Devices 7Web Account Management 8Internet Connections 9Email 10Backup & Recovery 11Show your score 12Learn how to improve your score Measure your Business Security Score. There are no technical questions, all multiple choice. Don't know is a valid answer as well. Should take less than 3 minutes. No trick questions. You can Save your answers to resume later. Hit Save in the lower right before leaving the site. You will get a link emailed to you. Answer all, then hit "Show Your Score" to see the results. You can move back to the prior pages via the Back button or the page numbers at the top of the survey. If you don't like the grade you got, fill out the form at the end. We will contact you and we will teach you how to improve your Business Security Score. If you have questions along the way call 844-KLOUD9IT (5568394), Option 2. Physical Security Is your server room or LAN closet locked?* Yes No Don't know Is access to your server and network connections physically controlled? Are IDs checked when “technicians” or “repairmen” come into your office?* Yes No Don't know Do they have some proof as to ID. Are your security cameras protected on the internet?* Yes No Don't know Not Applicable Are security cameras exposed publicly on the internet? Are they protected with passwords? Policies HR and staff Policies Does your firm have a written Cyber Security policy?* Yes No Don't know A written policy that is part of the staff manual. Does your company have a written breach response policy?* Yes No Don't know Does your company fall under SEC, PCI or HIPAA regulations?* Yes No Don't know Do you directly handle credit card transactions?* Yes No Don't know Does your network security policy operate under the “Least Rights, Least Access” model?* Yes No Don't know This security model means that users are NOT administrators on their own machines, they can't install programs and domain administrator rights are never part of an active users rights. Do you have a written BCDR (Business Continuity and Disaster Recovery) plan?* Yes No Don't know Does your business have a Cyber Insurance policy?* Yes No Don't know User Management Does your firm delete and change accounts/passwords when an employee leaves?* Yes No Don't know Do you have a user Security Awareness training program?* Yes No Don't know Does your firm require two factor authentication on Windows login?* Yes No Don't know Do you scan the Dark Web for compromised credentials?* Yes No Don't know Are users provided with an encrypted password manager?* Yes No Don't know Are users required to encrypt all USB drives that contain data?* Yes No Don't know Computer Management What is the oldest Windows Desktop version in use?* Windows 10 Windows 8 Windows 7 Windows XP If you have a mixture, chose the oldest desktop version. What is the oldest Windows Server version in use?* Server 2019 Server 2016 Server 2012 Small Business Server 2011 or earlier Server 2008 Server 2003 No Servers in house or the cloud Peer Networking If you have a mixture, chose the oldest server version. Are your computers patched on a schedule?* Daily Weekly Microsoft does this for us Don't know Do you have a patch approval & management policy?* Yes No Our IT provider does it Don't know Do you have an advanced endpoint defense system?* Yes No Don't know Advanced Endpoint means a centrally managed and automatically updated system with remdiation and protection against Ransomeware. Plus data loss through removable media, and web filtering no matter how connected. Does remote access for your computers require two factor authentication?* Yes No Don't know Remote access via Logmein, GoToMyPC, Microsoft Remote Desktop Do you encrypt your computer's disk storage?* Yes No Don't know Laptops and desktops hard drives are encrypted, may not require a PIN when booting. Mobile Devices Phones and Bring Your Own Device (BYOD) Are your mobile computers encrypted?* Yes No Don't know Laptop, notebooks, tablets. Are all of the mobile phones accessing company email encrypted?* Yes No Don't know Does company policy allow for the automatic removal of email from mobile devices?* Yes No Don't know Are mobile phones managed by a central system like an MDM (Mobile Device Management)?* Yes No Don't know Do you allow staff to bring their own computers to work?* Yes No Don't know Or require they provide their own computers Web Account Management Do you require staff to use unique passwords for each web site?* Yes No Don't know No reuse of passwords between web sites or accounts. Is your company website secured with SSL encryption?* Yes No Don't know No reuse of passwords between web sites or accounts.* Yes No Don't know Do you audit your staffs passwords for weak or repeat use?* Yes No Don't know Truly random characters, no dictionary words Internet Connections Questions about how your firm is connected to the internet. Do you have a monitored hardware firewall on your network perimeter?* Yes No Don't know Does it have a current security subscription for the firewall?* Yes No Don't know Subscriptions need to be current to provide protection. Does your firewall stop people from going to inappropriate sites, or watching cat videos?* Yes No Don't know Does your firewall block connections to and from outside the US?* Yes No Don't know Does your firewall block connections to and from anonymized networks (The Onion Router, known as TOR)?* Yes No Don't know Is your guest Wi-Fi isolated from the network that your office computers are on?* Yes No Don't know Is your business Wi-Fi restricted to known computers, and not just a password?* Yes No Don't know Email Questions about how your firm Email service and settings Does your firm require Two Factor Authentication to access your Office 365 email?* Yes No Don't know Do you have an active Spam and attachment filter on your email?* Microsoft or Google Does it Yes, before it gets to our mailboxes No Don't know Do you archive all email that goes in or out of your firm?* Microsoft or Google Does it Yes No Don't know Do you have an email continuity service that allows sending and receiving of email even if your mail host is down?* Yes No Didn't know it was possible Don't know Backup & Recovery Questions about how your firm backs up data, the time to restore, and time to recover. How often are your files backed up?* Every 15 minutes Hourly Twice a day Once a day Don't know Is your ability to restore files and servers tested daily?* Yes No Never tried Don't know If disaster struck, be it physical or ransomware, how long to get the server restored. Are your backups replicated offsite* Immediately Hourly Twice a day Once a day Don't know Offsite means to cloud or another physical location. Ideally NOT on your network. Are your Office 365 email and files backed up?* Microsoft backs this up for us Hourly Twice a day Once a day Don't know If your are using some other email provider, or your Exchange server is still in house, please answer. How long does it take to recover an entire server?* Less than 30 Minutes Hours All Day Never tried Don't know If disaster struck, be it physical or ransomware, how long to get the server restored. Can you recover in the Cloud or data center?* Yes No Never tried Don't know If disaster struck, be it physical or ransomware, how long to get the server restored. Show your score? Yes No You can use the Back button to go back and see how each items was scored. It also allows you to change your answers to see how your score would change. Current Score Your grade and score are below, possible score is from 0 to 250 Current Grade A+: In the best Business Security Score Group! Current Grade A: Better than your peers! Current Grade B+: Better than Average Current Grade B: In the Top 20 Percent, but can improve. Current Grade C+: Room for improvement. Current Grade C: Are your really a "C" kind of business? Current Grade D: You are in serious trouble. Current Grade F: You need immediate training, call us. Please fill in the form. All information is confidential. You can call us right now at 302-283-9300 if you have questions. Please submit the form so we will have all of your responses. Company Name First Name Last Name Position CEO, President or owner CFO IT, CIO Manager Other Email Phone Address Street Address Address Line 2 City State / Province / Region ZIP / Postal Code AfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAnguillaAntarcticaAntigua and BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBonaire, Sint Eustatius and SabaBosnia and HerzegovinaBotswanaBouvet IslandBrazilBritish Indian Ocean TerritoryBrunei DarussalamBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape VerdeCayman IslandsCentral African RepublicChadChileChinaChristmas IslandCocos IslandsColombiaComorosCongo, Democratic Republic of theCongo, Republic of theCook IslandsCosta RicaCroatiaCubaCuraçaoCyprusCzech RepublicCôte d'IvoireDenmarkDjiboutiDominicaDominican RepublicEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEswatini (Swaziland)EthiopiaFalkland IslandsFaroe IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard and McDonald IslandsHoly SeeHondurasHong KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsle of ManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKuwaitKyrgyzstanLao People's Democratic RepublicLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacauMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesiaMoldovaMonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorth KoreaNorthern Mariana IslandsNorwayOmanPakistanPalauPalestine, State ofPanamaPapua New GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto RicoQatarRomaniaRussiaRwandaRéunionSaint BarthélemySaint HelenaSaint Kitts and NevisSaint LuciaSaint MartinSaint Pierre and MiquelonSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint MaartenSlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth GeorgiaSouth KoreaSouth SudanSpainSri LankaSudanSurinameSvalbard and Jan Mayen IslandsSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTimor-LesteTogoTokelauTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos IslandsTuvaluUS Minor Outlying IslandsUgandaUkraineUnited Arab EmiratesUnited KingdomUnited StatesUruguayUzbekistanVanuatuVenezuelaVietnamVirgin Islands, BritishVirgin Islands, U.S.Wallis and FutunaWestern SaharaYemenZambiaZimbabweÅland Islands Country Any other requests?