Cyber Self-Assessment

Kansas Manufacturing Solutions works with you to determine your cybersecurity risks and helps guide the implementation of a solution to fit your information technology needs.  Take the opportunity to rely on the expertise of our cybersecurity partners. 

This assessment is intended to give you a basic understanding of cybersecurity and some of the risks you may face. Although this assessment will provide you insight on some of the things you can do to protect your business, it is not intended as a stand-alone assessment. Cybersecurity involves many aspects that only a qualified individual is capable of reviewing.

Cyber Self-Assessment                                              

• Have you created unique user accounts and logins for each employee who has access to your system? 

• Is each user’s account secured with a strong password?                                         

• Do your employees log out of their computers when not in use?        

• Are all company computers and devices are programmed to automatically locked after 10 or 20 minutes of inactivity?

• Is a user's account disabled when they leave the company?                                

• Are “admin rights” limited to select individuals such as your IT staff?     

• Are access privileges of each user account is appropriate to their role in the company?                          

• Do you have policies are in place that do not allow sharing of user accounts or passwords?   

• Have your employees been taught to ensure that they do not post sensitive information on public websites or public media?               

• Has your company reviewed and limited the employees who can access, view, edit, or share company files and programs, especially those about your federal contract?                                        

• Are employees limited to only use company computers — never personal or public ones — to work on federal contracts?     

• Have controls have been setup to ensure that employees do not share documents with anyone outside of the federal contract?                

• Do you separate your company network and IT resources from those of other companies or your employees’ homes?                             

• If you use a cloud storage service, have you made sure it can only be accessed through the use of a complex password?                                                                                                                  

• Are all devices and company accounts are secured with unique, complex passwords or PINs?

Download the complimentary Manufacturers Guide to Cybersecurity.

• Before discarding or reusing any company computer, mobile gadget, or storage device, do you have an IT professional destroy the FCI (Federal Contract Information) it contains?                

• Does your organization protect your company network with a firewall?                                    

• Have you ensured your company doesn’t post your company Wi-Fi password in an area where unauthorized persons can see it?

• If you don’t have the expertise in operating your own internet-connected servers, does your company use a reputable web hosting company to host your website?    

• Does your company regularly update your cybersecurity solutions?                                  

• Does your company regularly install system updates and patches on all of your devices?                      

• Does your company regularly remove apps that are no longer supported by the vendor?                       

• Has your company installed a reliable antivirus solution on all company devices?                           

• Have you configured your company's antivirus software to provide “active protection” and conduct full, regular scans?     

• Have the areas of your office which are public and private been identified?

• Have you ensured that your computers, devices, network gear, and sensitive information are only in private areas?

• If there are no authorized personnel actively supervising a private area, is it secured behind a locked door

• Are all visitors identified and supervised during their visits?                                  

• Are there are steps are in place to prevent unauthorized personnel from entering your office?             

• Do you maintain a sign-in and sign-out sheet for employees and visitors?                                             

• If you can afford it, have you installed surveillance cameras around your facility and use individually assigned keys and electronic locks that record who used them?                                  

• Are only a limited number of authorized individuals can change or disable your office’s security system?

If answers to these questions were "No", then your vulnearbility to a cyberattack makes you increasingly likely a target.  Don't take the risk.   Find out more information about cybersecurity risk, free insights to help you protect your business, and register for a KMS Connect no-cost Cybersecurity Readiness Review program HERE.