This checklist gives organizations a starting point for practical security improvement. It covers identity, MFA, privileged access, patching, backups, exposed services, logging, email authentication, and incident response contacts.
- MFA enabled for privileged and remote access
- Backups tested and protected from ransomware
- Domain admin membership reviewed
- External attack surface documented
- Logging and alert paths verified