

- Determining what regulations govern your data (HIPAA, GDPR, FERPA, etc.)
- Developing access protocols
- Training employees about human vulnerabilities to cybercrimes, such a phishing
- Creating effective backup procedures, which are particularly important defense against ransomware attacks
