What is Cyber Hygiene and why is it important?


You would not think twice about practising the good personal hygiene
needed to promote good health – cleaning your teeth regularly for example – and
so practising good cyber hygiene should be up there with those basic well-being
steps to promote good ‘IT health.’

What
is cyber hygiene?

Cyber hygiene refers
to steps taken by users to maintain the health of their computers and devices
and improve online security to prevent the theft or corruption of data.

As with personal
hygiene, cyber hygiene should be practised regularly to ward off common threats
and the natural deterioration of devices and systems.

Cyber hygiene should
be on every organisation’s to-do list…

The benefits of cyber hygiene

There are two major benefits of following cyber hygiene practices
– security and maintenance:

  • Security – In today’s
    ever-changing threat landscape, it is more important than ever to use a cyber
    hygiene routine to help prevent hackers, intelligent malware, and advanced
    viruses from accessing and corrupting your company’s data.
  • Maintenance – Computers
    and devices need to run at optimum efficiency. Cyber hygiene routines help to
    spot issues such as programs becoming obsolete or files that have become fragmented.
    In addition a well-maintained system is less likely to be vulnerable to
    cybersecurity threats.

Cyber hygiene is everyone’s responsibility

Employees often like to place responsibility for a company’s cyber
hygiene practices with their IT department – which might provide clear password
policies for example – but every employee has a duty to do basic things like
using strong passwords and keeping them secure.

READ ALSO  Jabel brings post-Java 8 features to Java 8 users

It is very hard for organisations to keep pace with the constantly
changing threat landscape and the sheer number of security vulnerabilities
within software and hardware.

The threats are not just technological either…

Hackers are very clever at gaining access to
systems and information using social engineering (Social engineering, in this context, refers to psychological
manipulation of people into performing actions or divulging confidential information
).
A hacker might deliver a sob story to an employee over the phone for example,
to get them to impart information unwittingly.

It is not entirely down to the IT department to
reduce social engineering attacks, all employees need to help shoulder the
responsibility.

Focusing
on risks

Good cyber hygiene practices revolve around identifying what the
most likely risks are to an organisation’s products or services and responding
to those risks. Those risks might include the risk analysis of launching a new
product, or service, acquiring a new customer, or updating to new software.

An organisation should also be clear about what it has/owns –
identifying its supporting assets, products, or services for example – and what
facilities are involved in the production of a service or product, or what
employees are crucial to the delivery of these.

Some basic cyber hygiene tips

  • Make sure you keep an inventory of the company’s hardware and software on your network.
  • Make sure you educate your employees on how to practice good cyber behaviour – this might include:
    • encouraging good password management
    • encouraging the use of complex passwords
    • identifying which devices employees can connect to the network.
  • Make sure you limit the number of employees who have administrative
    privileges.
  • Make sure you regularly back up your data and keep multiple
    copies. You might consider using a secure cloud solution as well as keeping the
    data on-site.
  • Make sure you identify any vulnerable applications that aren’t currently
    being used and disable them.
  • Make sure you establish some form of incident response plan.
  • Make sure you implement some controls to protect and recover data
    if a breach occurs.
  • Make sure you conduct cyber threat and vulnerability monitoring.
READ ALSO  Best travel credit cards for 2020

Automate
your company’s security practices to reduce human impact

There is no guarantee that your organisation won’t become the
victim of a ransomware attack, data breach, or other cybersecurity threat, so
you should aim to reduce human impact by automating security practices such as:

  • Providing double authentication logins requiring complex passwords
  • Testing users on their security knowledge
  • Blocking certain types of files.

To sum up, cyber
hygiene is a business problem, not an IT problem, and no two organisations will
implement it in the same way. However, a small amount of cyber hygiene goes a
long way towards keeping your organisation healthy…





Source link

?
WP Twitter Auto Publish Powered By : XYZScripts.com