Critical cyber security questions to ask your IT team gives business leaders a simple checklist to protect data, devices, and networks when teams are working remotely. Suddenly the office is closed, and everyone’s working from home. The IT team is coping, but you’ve got a nagging doubt about whether these hasty arrangements are secure.
Table of Contents
Critical cyber security questions to ask your IT team in practice
Suddenly the office is closed, and everyone’s working from home. The IT team is coping, but you’ve got a nagging doubt about whether these hasty arrangements are secure. You ask the IT team a few questions about cybersecurity, but the answers seem to be in a different language!
Well, you should be concerned. Criminals are ramping up their activities, because systems are more vulnerable when people work from home. But there’s no need for panic. Most cyberattacks are successful simply because basic steps haven’t been taken. For many organisations, these 17 critical cyber security questions provide a practical starting point for strengthening remote security.
Here is a simple checklist to ask the person responsible for IT. The answers should all be YES!
Protect your data
- Do we know for sure that our backups are actually working?
- Does data stored on a home user’s hard drive get backed up?
- Does our central data storage have versioning?
- Have we got a Data Loss Prevention system running?
Protect your remote devices
- Do we have multi-factor authentication set up for our systems?
- Will our anti-virus, anti-malware and patching tools automatically update for home users?
- Has everyone who’s working from home signed a communications and internet usage policy?
- Have we given cyber security training to the team within the last six months?
- Are our GDPR policies appropriate for people working remotely and at home?
Protect your network
- Do we use a Virtual Private Network (VPN) to connect remote users to the
company network? - Is our email system encrypted, and has DKIM, DMARC and SPF been set up on the Domain?
- Do we have mobile device management systems controlling all mobile equipment on the network?
- Do we have an appropriate system usage and data management policy?
- Are business applications configured to provide least-access privileges?
Stop the bad guys
- Is our video conferencing protected against rogue attendees and are calls secure?
- Have we got proper checks in place to stop us losing money through fraud?
- Are our remote support tools secured against rogue access?
If you value your business, make sure the answer to all these questions is YES. Cyber security is not a one-off exercise, it’s an ongoing leadership responsibility that requires visibility, accountability, and regular review. By revisiting these 17 critical cyber security questions, you create a simple but powerful framework for identifying gaps, strengthening defences, and keeping cyber risk firmly on the Board agenda.
Most successful attacks exploit basic weaknesses, so getting the fundamentals right can dramatically reduce your exposure and build confidence across your organisation. And it gives leadership teams a clearer picture of where to act next.
Do you have more questions? We can help. Our CIOs and CTOs are experts in all aspects of cyber security, and we work entirely in the interests of our clients, with no commercial connections to any supplier or product. We use all our skills, knowledge, and experience to help businesses stay secure and resilient. If you need support with cyber security, or simply want to sense-check your current approach, feel free to get in touch for a no-pressure conversation.