Security Checklist of issues to consider:

Security Checklist of issues to consider (sample)

Check systems for zombie agent software.
Minimize external exposure by minimizing Internet access and connectivity. Do not leave non-mission critical Internet connections open continuously. Deny Internet access to employees who do not need it.
Review security policies and ensure that they are current, implemented and enforced.
Ensure all current service-level and security patches have been installed on operating systems and software, including antivirus updates.
Enhance the review and monitoring of all critical system logs for suspect activity, and consider implementing an intrusion-detection system.
Revisit your firewall configurations and rules to ensure that unnecessary ports and services are turned off and that access control is tightly managed.
Consider curtailing remote access by employees, business partners, customers and consultants to essential business.
Consider changing passwords for all super-user or power IDs such as Root, dbadmin, application manager IDs, etc., especially if that information has become widely shared.
Revisit access control lists to ensure that access to critical functions and resources is limited.
Contact your Internet Service Provider (ISP) to discuss what measures they are taking to ensure the security and reliability of the services they are providing you.
Ensure all critical systems are regularly backed up and actual systems recovery procedures have been tested.
Consider an incident response plan for addressing actions to be taken should a debilitating cyber-incident/event occur, affecting your business.
Ensure all users of your corporate computer systems (including employees, consultants, contractors and temporary workers) understand the importance of protecting the business and their role in the overall program.
Users working from home via high-speed, broadband connections should be required to have a firewall installed on their system. In addition, they should only be allowed to connect to the corporate network through a VPN tunnel.