5 Cybersecurity Questions to Ask Your IT Company

David Share

You may already know that having a robust cybersecurity system in place is essential. Additionally, you may know the importance in keeping your business safe and secure from cyber-attacks. After all, over 90% of large corporations and 78% of businesses (in general), in the UK have accepted that they consider cybersecurity as one of their high priority business goals.

However, even if you do have cybersecurity measures put in place, like most business owners, you may not know the technical details that go into your IT support company. Indeed, company policies, coverage, and methodology often vary. As a result, most people have no idea what their IT company exactly does.

So, what are some of the most important questions you can ask them, in order to ensure everything is working as expected? Additionally, how do you clearly understand the security of your business when it comes to cybersecurity?

Ask About Two-Factor Authentication

Firstly, ask about Two-factor Authentication (or 2FA, in short). 2FA has grown to become the gold standard of digital account security. Indeed, 2FA effectively stops other people from hacking into your accounts. In fact, may have noticed it in most banking and finance-related apps. You banking app will send you a code on your personal mobile device to confirm so you can log into your account.

The second factor can be chosen from the following options:

·         A unique personal biometric pattern, like a fingerprint, voice-print, or iris scan.

·         Things like smartphone, credit card, software or hardware tokens, etc.

·         A password, answers to personal secret questions, or a personal identification number (PIN).

Ask for the Status, Report, and Security Level of Regular Backups

It is not uncommon for hackers to use ransomware in an attempt to cause huge losses to a company. They steal private data, destroy it from the source, and then demand payment in return if you don’t want trouble. This is why secure data backups must be an essential part of your cybersecurity plan if you are serious about protecting your business from such a scenario.

It’s always a good idea to confirm with your IT support company if they can provide your company with:

·         Regular assessment and reporting of their data backup strategy for your company.

·         Managed data backup for every data repository vital for your business operations.

·         Offsite data backups.

·         Scalable backup services.

Ask if Your IT Company Runs the Latest Version of all Software and Operating Systems

Hackers thrive on security flaws and software vulnerabilities. Therefore, it is very important to fix the security loopholes that are discovered in various types of software on a regular basis. Your IT company should regularly update such software, including operating systems. Updating software fixes security bugs. Additionally, it gives you access to new features and other benefits.

Ask if They Value Employee Training

Employees play an important role in keeping the company’s digital resources secure. Indeed, it is easy compromise the cybersecurity of a company. All it takes is just one wrong click from one of the employees. Every leading cybersecurity company knows this. Therefore, they will take the necessary steps to train all of your employees on how they can effectively prevent cyber attacks in future.

Ask How They Handle Your Business Data

It gives business owners peace of mind to know their intellectual property and sensitive customer information is secure at all times. After all, if your business data is in the wrong hands, it could lead to your systems getting hacked and business getting compromised.

Therefore, it’s advisable to check with your IT company, that runs your business IT department, how securely they handle your business data, where are the backups placed, and what data security measures do they have in place to avoid cyber attacks.


In conclusion, by having answers to these questions available, business leaders can much better gauge the current cybersecurity profile of their company. Additionally, they can create a disaster recovery plan in order to manage cybersecurity. This will set them on a path to work proactively in the times to come.