Quiz: If you check at least 19 out of 24 on this list, your business is protected from phishing attacks

Phishing attacks are more dangerous these days. Cybercriminals are smarter at crafting scams, and have even used the COVID-19 pandemic to trick unwitting businesses in California into giving out sensitive information.

You’ve probably read about phishing protection in security blogs and heeded their advice. But how sure are you that your business is really prepared for a phishing attack? Take this quiz and find out!

This test is designed to measure how prepared your business is in case of a phishing attack. Check off all items that apply to you, then count the total boxes you ticked.

You have:

  • Installed antivirus software, scheduled regular updates, and performed regular malware scans

  • Kept all security solutions such as firewalls, intrusion prevention systems (IPS), and intrusion detection systems (IDS) updated

  • Kept all software including operating systems (OS) updated to prevent cybercriminals from exploiting vulnerabilities

  • Implemented an effective data access policy that allows only authorized users to access, modify, or delete certain files

  • Installed a web filter to block malicious websites

  • Deployed a spam filter that detects phishing attacks and other malicious messages

  • Disabled HTML email messages or automatically converted HTML email into plain text

  • Configured and enabled email authentication protocols such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC)

  • Enabled single sign-on (SSO) to minimize the likelihood of employees falling for fraudulent login pages

  • Encrypted all communication platforms such as team collaboration software and email

  • Implemented a strong password policy that requires the use of passphrases and forbids using weak passwords such as “123456,” “passw0rd,” “f00tball,” and others

  • Enforced multifactor authentication (MFA) in the form of a one-time SMS code, smartphone notification, etc., to act as a secondary security solution on top of passwords

  • Deployed password managers to allow users to save their passwords in a passcode-protected system

  • Enforced a mobile device management (MDM) policy that regulates the use of personal mobile devices in the workplace and data access to prevent mobile-based phishing attacks

  • Kept an offline backup in case of data theft

  • Developed a disaster recovery plan in case of phishing or other forms of cyberattack

  • Encrypted all sensitive company information

  • Trained employees to recognize all types of phishing scams and what to do when they encounter one

  • Educated your employees about the risks of sharing personal and corporate information online

  • Updated your security awareness training program

  • Encouraged remote workers to avoid using public Wi-Fi networks

  • Developed a domain where employees can report phishing scams and other suspicious emails

  • Increased IT support capacity to assist with phishing problems and other cybersecurity issues

If you checked…
19–24 boxes: Congratulations! Your business is well-protected against phishing attacks.
12–18 boxes: You know your way around phishing scams, but you may need to improve your strategy.
0–11 boxes: You need to better protect your business against phishing attacks.

