Texas Business Cybersecurity Checklist
Use this 8-part checklist to validate every layer of your security program—from firewalls and backups to vendor oversight and compliance evidence. Each item reflects what our Dallas SOC reviews when we onboard a new client, so you can benchmark your environment without guesswork.
Harden the edge, enforce segmentation, and make sure you can see every packet that matters.
- Document and review firewall rules quarterly with change approvals.
- Enable next-generation firewall features (IPS, TLS inspection, sandboxing). TLS inspection only works for endpoints that trust the firewall's inspection CA, so push that certificate through endpoint management and exempt certificate-pinned or regulated traffic you must not decrypt.
- Segment guest, corporate, OT, and IoT networks with VLANs or microsegmentation.
- Require MFA for all VPN, remote desktop, and administrative access, and never expose RDP or firewall/switch management interfaces directly to the internet; reach them only through the VPN or a gateway that enforces MFA.
- Monitor traffic for anomalous patterns via IDS/IPS and flow analytics.
- Maintain redundant internet links or LTE/5G failover for critical operations.
Ensure every workstation, server, and specialized device meets your baseline.
- Deploy managed EDR/XDR with centralized alerting and response playbooks.
- Automate patching for OS, firmware, and critical applications within 14 days of release, and faster for internet-facing systems and for vulnerabilities with known exploitation (for example, anything listed in the CISA Known Exploited Vulnerabilities catalog).
- Require full-disk encryption (BitLocker, FileVault, or LUKS) on all laptops, workstations, and portable media, with recovery keys escrowed to your directory or MDM so a lost key does not become lost data.
- Implement application allow/deny lists for privileged systems and OT endpoints.
- Use least-privilege local admin controls with just-in-time elevation workflows.
- Track asset lifecycle with documented replacement, warranty status, and secure disposal.
Stop phishing, spoofing, and business email compromise before it hits the inbox.
- Enforce MFA on all email accounts; block direct sign-in on the accounts behind shared mailboxes, give service integrations their own least-privilege credentials, and disable legacy authentication protocols (POP, IMAP, SMTP AUTH), which accept a password alone and bypass MFA.
- Publish SPF (ending in -all), DKIM, and DMARC with an enforcing policy (p=quarantine or p=reject) for every domain you own, including parked domains that never send mail; a p=none record only reports and blocks nothing.
- Enable advanced phishing and malware detection in Microsoft 365 or equivalent.
- Implement external sender warnings and impersonation protection for executives.
- Deploy self-service quarantine with SOC oversight for suspicious messages.
- Maintain quarterly security awareness training with simulated phishing campaigns.
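The SPF and DMARC items above are the ones most often found in a weak state (a `~all` soft fail, an over-broad `ip4:` range, or a DMARC policy of `p=none`). The script below, added here as an example rather than tooling from the original checklist, lints published TXT records for those weaknesses. The domains and records are constructed stand-ins; in practice you would feed it what `dig TXT <domain>` and `dig TXT _dmarc.<domain>` return.

```python
"""Lint SPF and DMARC TXT records for the weak settings a SOC onboarding
review flags. Added example, not part of the original checklist; the
records below are constructed, not pulled from DNS."""
import re

# Constructed TXT records keyed by domain. The domains are hypothetical.
SAMPLE_RECORDS = {
    "good.example": {
        "spf": "v=spf1 include:spf.protection.outlook.com -all",
        "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@good.example; adkim=s; aspf=s",
    },
    "weak.example": {
        "spf": "v=spf1 include:spf.protection.outlook.com ip4:0.0.0.0/0 ~all",
        "dmarc": "v=DMARC1; p=none; pct=50",
    },
    "parked.example": {  # sends no mail, so it still needs -all and p=reject
        "spf": "v=spf1 -all",
        "dmarc": None,
    },
}

# Mechanisms that cost a DNS lookup; RFC 7208 allows at most 10 per evaluation.
LOOKUP_TERM = re.compile(r"^[+\-~?]?(include|a|mx|ptr|exists)(:|$)|^redirect=")


def lint_spf(record):
    """Return a list of findings for one SPF record (empty list means clean)."""
    findings = []
    if record is None or not record.lower().startswith("v=spf1"):
        return ["SPF: no v=spf1 record published"]
    terms = record.split()[1:]
    # The terminal 'all' mechanism decides what happens to unlisted senders.
    final = terms[-1] if terms else ""
    if final != "-all":
        findings.append(f"SPF: terminal mechanism is '{final}' rather than '-all'")
    for t in terms:
        if t in ("+all", "all"):
            findings.append("SPF: '+all' authorizes every host on the internet")
        if t.startswith("ip4:0.0.0.0/0") or t.startswith("ip6:::/0"):
            findings.append(f"SPF: '{t}' authorizes every address")
    lookups = sum(1 for t in terms if LOOKUP_TERM.match(t))
    if lookups > 10:
        findings.append(f"SPF: {lookups} DNS lookups exceeds the limit of 10 (receivers return permerror)")
    return findings


def lint_dmarc(record):
    """Return a list of findings for one DMARC record (empty list means clean)."""
    findings = []
    if record is None or not record.lower().startswith("v=dmarc1"):
        return ["DMARC: no v=DMARC1 record published"]
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip().lower()] = value.strip()
    policy = tags.get("p", "")
    if policy not in ("quarantine", "reject"):
        findings.append(f"DMARC: p={policy or '(missing)'} does not enforce")
    pct = int(tags.get("pct", "100"))
    if pct < 100:
        findings.append(f"DMARC: pct={pct} leaves {100 - pct}% of failing mail unenforced")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, so aggregate reports are never received")
    return findings


def review_domain(records):
    """Combine SPF and DMARC findings for one domain's records."""
    return lint_spf(records.get("spf")) + lint_dmarc(records.get("dmarc"))


def review_all(all_records=SAMPLE_RECORDS):
    """Map each domain to its findings."""
    return {domain: review_domain(recs) for domain, recs in all_records.items()}


if __name__ == "__main__":
    for domain, findings in review_all().items():
        print(("OK " if not findings else "FIX") + " " + domain)
        for finding in findings:
            print("    -", finding)
```

The checks mirror the checklist wording: anything other than `-all`, a catch-all address range, a non-enforcing `p=`, a partial `pct=`, and a missing `rua=` (without which you never learn who is spoofing the domain). DKIM is deliberately not linted here because a DKIM record is only meaningful in the context of the selector and key your sending platform actually signs with.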
Trust—but verify—that backups can withstand ransomware and regional outages.
- Follow the 3-2-1-1 rule: three copies, two media, one offsite, one immutable/air-gapped.
- Use dedicated backup credentials stored in a privileged access vault, separate from domain admin accounts and not reused by any other system, so that a domain compromise does not hand the attacker the backups as well.
- Test restore procedures quarterly for critical servers, SaaS data, and endpoints.
- Document RPO and RTO per system with last validation date and owner.
- Monitor backup jobs daily with alerts for failures, drift, or unusual deletion activity.
- Maintain disaster recovery runbooks with step-by-step failover instructions.
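The "monitor backup jobs daily" item turns into three concrete checks: did any job fail, has any protected system drifted past its RPO, and were restore points deleted in a burst (the pattern ransomware operators use to strip recovery options before encrypting). The script below is an added example, not the checklist's own tooling; the log format, system names, and RPO table are constructed stand-ins for whatever your backup platform exports.

```python
"""Daily backup-job review over a constructed job log: flags failed jobs,
systems that drifted past their RPO, and bursts of restore-point deletion.
Added example (not part of the checklist); the log format, systems and RPO
values are hypothetical."""
from datetime import datetime, timedelta

# Constructed export lines: "<ISO timestamp> <system> <event> key=value ..."
SAMPLE_LINES = [
    "2024-05-06T01:05:00 DC01 job_success size=40GB",
    "2024-05-06T01:20:00 FS01 job_failed error=VSS_timeout",
    "2024-05-06T02:00:00 SQL01 job_success size=120GB",
    "2024-05-06T02:10:00 M365 job_success size=300GB",
] + [
    # six restore points for SQL01 deleted within 25 seconds by one account
    f"2024-05-06T09:41:{s:02d} repo restore_point_deleted system=SQL01 by=svc-backup"
    for s in range(0, 30, 5)
]

# Hypothetical RPO targets in hours per protected system (from the RPO/RTO register).
RPO_HOURS = {"DC01": 24, "FS01": 24, "SQL01": 4, "M365": 24, "ERP01": 24}
DELETION_THRESHOLD = 5                 # deletions within DELETION_WINDOW that trigger an alert
DELETION_WINDOW = timedelta(hours=1)
REVIEW_TIME = "2024-05-06T10:00:00"    # when the daily review runs (constructed)


def parse(lines):
    """Turn export lines into (timestamp, system, event, detail-dict) tuples."""
    events = []
    for line in lines:
        ts, system, event, *rest = line.split()
        detail = dict(kv.split("=", 1) for kv in rest)
        events.append((datetime.fromisoformat(ts), system, event, detail))
    return events


def review(lines, now_iso=REVIEW_TIME):
    """Return the list of alerts a daily reviewer should act on."""
    now = datetime.fromisoformat(now_iso)
    events = parse(lines)
    alerts = []
    last_success = {}
    for ts, system, event, detail in events:
        if event == "job_failed":
            alerts.append(f"FAILURE {system}: {detail.get('error', 'unknown error')}")
        elif event == "job_success":
            last_success[system] = max(ts, last_success.get(system, ts))

    # Drift: every system in the RPO register must have a recent successful backup.
    for system, rpo in RPO_HOURS.items():
        last = last_success.get(system)
        if last is None:
            alerts.append(f"DRIFT {system}: no successful backup in log")
        elif now - last > timedelta(hours=rpo):
            alerts.append(f"DRIFT {system}: last good backup {now - last} ago, RPO is {rpo}h")

    # Deletion burst: many restore points removed in a short window.
    deletions = sorted((ts, d.get("by", "?")) for ts, _, ev, d in events
                       if ev == "restore_point_deleted")
    for i, (start, actor) in enumerate(deletions):
        window = [t for t, _ in deletions[i:] if t - start <= DELETION_WINDOW]
        if len(window) >= DELETION_THRESHOLD:
            alerts.append(f"DELETION {len(window)} restore points removed within "
                          f"{DELETION_WINDOW} starting {start} (first actor: {actor})")
            break
    return alerts


if __name__ == "__main__":
    for alert in review(SAMPLE_LINES):
        print(alert)
```

Note that a failed job and a drift alert are not the same thing: FS01 failed last night but may still be within RPO if yesterday's run succeeded, while ERP01 never appears in the log at all, which is the silent failure a daily "all jobs green" dashboard does not show. Expect the deletion check to fire on legitimate retention cleanup too; tune the threshold to your platform's normal retention churn and alert on who performed the deletions.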
Know who has access, why they have it, and when that access expires.
- Centralize identity management through Microsoft Entra ID (formerly Azure AD) or an equivalent SSO platform.
- Require MFA for all privileged accounts and remote access pathways.
- Review admin and service accounts monthly; disable unused accounts immediately.
- Enforce strong password policies with breach detection and rotation for shared secrets.
- Automate onboarding/offboarding with documented checklists and sign-offs.
- Conduct quarterly entitlement reviews with department leaders for sensitive systems.
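The monthly admin and service account review above comes down to a handful of rules applied to a directory export: privileged accounts without MFA, accounts idle past the stale threshold, service accounts being used interactively, and accounts still enabled after the owner's separation date. The script below is an added example, not tooling from the checklist; the rows and column names are constructed and only loosely mirror what an Entra ID or Active Directory export provides.

```python
"""Monthly admin and service account review over a constructed directory
export. Added example, not the checklist's own tooling; row layout and
field names are assumptions."""
from datetime import date

STALE_DAYS = 30      # no sign-in for longer than this: disable
REVIEW_DATE = "2024-05-06"

# Constructed export rows. 'roles' holds directory admin roles; 'separated'
# is the HR separation date for an offboarded user, if any.
SAMPLE_ACCOUNTS = [
    {"upn": "jsmith@corp.example", "kind": "user", "roles": ["Global Administrator"],
     "mfa": True, "last_sign_in": "2024-05-01", "enabled": True, "separated": None},
    {"upn": "oldadmin@corp.example", "kind": "user", "roles": ["Exchange Administrator"],
     "mfa": False, "last_sign_in": "2024-01-15", "enabled": True, "separated": None},
    {"upn": "svc-backup@corp.example", "kind": "service", "roles": [],
     "mfa": False, "last_sign_in": "2024-05-03", "enabled": True, "separated": None,
     "interactive_sign_ins_30d": 3},
    {"upn": "contractor@corp.example", "kind": "user", "roles": [],
     "mfa": True, "last_sign_in": "2024-04-20", "enabled": True, "separated": "2024-04-19"},
    {"upn": "jdoe@corp.example", "kind": "user", "roles": [],
     "mfa": True, "last_sign_in": "2024-05-05", "enabled": True, "separated": None},
    {"upn": "retired@corp.example", "kind": "user", "roles": [],
     "mfa": False, "last_sign_in": None, "enabled": False, "separated": "2023-11-01"},
]


def review_accounts(accounts, today_iso=REVIEW_DATE):
    """Return (upn, finding, action) tuples for enabled accounts that need attention."""
    today = date.fromisoformat(today_iso)
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already disabled; nothing to act on this cycle
        last = date.fromisoformat(acct["last_sign_in"]) if acct["last_sign_in"] else None
        idle_days = (today - last).days if last else None
        privileged = bool(acct["roles"])

        if privileged and not acct["mfa"]:
            findings.append((acct["upn"], "privileged account without MFA", "enforce MFA now"))
        if idle_days is None:
            findings.append((acct["upn"], "never signed in", "disable"))
        elif idle_days > STALE_DAYS:
            findings.append((acct["upn"], f"no sign-in for {idle_days} days", "disable"))
        if acct["kind"] == "service" and acct.get("interactive_sign_ins_30d", 0) > 0:
            findings.append((acct["upn"], "service account used interactively",
                             "investigate and rotate its secret"))
        if acct["separated"]:
            sep = date.fromisoformat(acct["separated"])
            if sep <= today:
                findings.append((acct["upn"], "still enabled after separation date",
                                 "disable and revoke sessions"))
            if last and last > sep:
                findings.append((acct["upn"], "signed in after separation date",
                                 "investigate as unauthorized access"))
    return findings


if __name__ == "__main__":
    for upn, finding, action in review_accounts(SAMPLE_ACCOUNTS):
        print(f"{upn:28} {finding:40} -> {action}")
```

The separation check is the one most often missing from a tooling-driven review: a stale-account filter alone would pass `contractor@corp.example`, who signed in 16 days ago, even though that sign-in happened the day after HR recorded the separation. That is why the offboarding item above calls for sign-offs, not just an automated disable.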
Validate baseline requirements for HIPAA, FTC Safeguards, CMMC, or SOC 2 alignment.
- Complete or update a formal risk assessment within the past 12 months.
- Maintain current policies and procedures with version control and acknowledgements.
- Collect evidence for security awareness training, incident response drills, and vendor reviews.
- Ensure all vendors handling sensitive data have signed security agreements or BAAs.
- Log and retain security events (identity sign-ins, endpoint, firewall, email, and cloud audit logs) for at least 12 months in a store the originating systems cannot delete from, with alerting on anomalies.
- Document breach notification playbooks with regulatory timelines and contact lists (for example, Texas breach notification law and the HIPAA Breach Notification Rule each require notice to affected individuals within 60 days of determining that a breach occurred).
Be prepared to investigate, contain, and communicate without hesitation.
- Maintain an incident response plan with defined roles, contact tree, and escalation criteria.
- Conduct at least one tabletop exercise per year covering cyber and physical scenarios.
- Pre-stage forensic tooling, data collection checklists, and evidence storage procedures.
- Coordinate with legal, HR, PR, and insurance providers in advance; document contact details.
- Create communication templates for employees, customers, partners, and regulators.
- Review cyber insurance policy requirements and ensure controls are in place to avoid claim denial.
Third-party risk is your risk—treat it with the same rigor.
- Maintain an inventory of all vendors with data access, system integration, or on-site presence.
- Require security questionnaires or SOC reports for critical providers and document findings.
- Verify MFA, logging, and incident notification clauses in contracts and renewals.
- Implement least-privilege access for vendor accounts with expiration dates and monitoring.
- Track remediation follow-ups for identified vendor gaps with accountable owners and deadlines.
- Establish an offboarding process for vendors, including access revocation and data destruction certificates.
Need help running the checklist?
Our team will walk through every item, document gaps, and deliver a remediation roadmap—no surprise bills, no upsell traps. Choose a time that fits your schedule and we'll bring the coffee.