What is Cyber Hygiene?
Cyber Hygiene. While the term might evoke thoughts of disinfecting your computer keyboard, that’s not quite what it means. Cyber hygiene is generally defined as the steps that computer/device users take to maintain system health and data security. These steps involve widely accepted cyber security recommendations and risk mitigation measures that are modern, but not necessarily new concepts.
What is different is the use of the term hygiene in conjunction with cyber security. “Hygiene” indicates necessary habits or a routine that must be adopted to prevent infection, such as personal hygiene routines. Regular exercise and rest, check-ups, and overall cleanliness are part of what is considered a solid personal hygiene regimen. Similarly, recommendations can be made for a potent cyber hygiene routine designed to keep your technology systems in good condition.
A Culture of Security
Adopting a cyber hygiene mentality in your organization is a healthy decision. It will help limit your overall exposure to malicious actors and go a long way to protecting your valuable assets and infrastructure. Additionally, encouraging good cyber hygiene habits through education, guidelines, and policies helps to create a culture of security.
When your staff forms good security habits instead of just performing transactional measures, their security contributions are more consistent. Consistency goes a long way to preventing breaches and the sizable price tag associated with them. With the average data breach costing US companies $8.19 million, it’s worth taking the time to employ rigorous cyber security policies and procedures and foster cyber hygiene practices.
Policies and procedures are the cornerstone of any organization’s information security program. Their purpose is to guide staff members on how to protect themselves and the company while utilizing the computing infrastructure. Your cyber security policies should include, but not be limited to:
- Password management
- Network security
- Inventory management
Procedures come next. Procedures serve as management’s definitions and instructions for how policies should be implemented. Below, Digital Defense CIO Tom DeSot recommends certain elements that your cyber hygiene policies and procedures should address.
Basic Cyber Hygiene Tenets
Cyber Hygiene encompasses many aspects of information security and deals with a number of accepted best practices. The items outlined below are some of the most basic tenets that organizations can use to have good corporate cyber hygiene.
Maintain Accurate Hardware Inventory
Maintain an accurate and detailed inventory of what computer systems your organization has deployed or plans to deploy. Inventorying your systems ensures that only those systems that the company has actually purchased and deployed are allowed on its network. It also aids in tracking asset transfers to another user within the company, as well as serial numbers and other identifying information to be used in the event of loss or theft.
Maintain Accurate Software Inventory
Coming in right behind hardware inventory is software inventory. Knowing what software should be running on a given computer system is key to understanding if a virus or other type of malware is running on the system. It also helps you to know whether your employees have managed to install unapproved software on a computer. Sustained knowledge of your software is critical to ensuring your organization can properly manage deployed systems and protect the organization from malware or from fines from unapproved/unlicensed software.
Run Updated Endpoint Protection
In this day and age, it is critical that every computing platform [that will allow it] run some type of antivirus and/or antimalware program. Of course, these are used to ensure that systems are not infected and will not infect other systems on the same network. It’s equally critical that these antivirus/antimalware programs be kept up to date with the most recent signature set so that the program can detect the latest threats.
Implement Firewalls and Hardened Routers
If your company is connected to the Internet, then you’re going to want to implement:
- Hardened routers – defenses at your first point of contact with the Internet.
- Firewalls – segregate and allow only approved traffic into and out of the corporate network.
These devices serve as your first line of defense in protecting your enterprise from attackers targeting your networks and data. It is imperative that the configurations for these devices are offloaded so that in the event that you have to rebuild the device or install a new one, you’re not starting from scratch. You’ll also want to check them periodically to ensure that nothing has changed that wasn’t approved and tracked within the change management system.
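The periodic check described above, as an added example that is not part of the original article: it compares an offloaded baseline configuration against the running one and reports only the changes that no change-management record accounts for. The device syntax, the ticket ID and the names `normalize`, `config_drift` and `unapproved_changes` are assumptions made for illustration, and the sample configurations are constructed.

```python
import difflib

# Constructed sample: offloaded (backed-up) config of a hypothetical firewall.
BASELINE = """\
! last saved 2024-01-10 02:00
hostname edge-fw-01
permit tcp any host 203.0.113.10 eq 443
permit tcp any host 203.0.113.10 eq 80
deny ip any any log
"""

# Constructed sample: config pulled from the same device during a periodic check.
RUNNING = """\
! last saved 2024-02-03 14:22
hostname edge-fw-01
permit tcp any host 203.0.113.10 eq 443
permit tcp any host 203.0.113.25 eq 3389
deny ip any any log
"""

# Constructed change-management record: ticket -> config lines it approved.
APPROVED = {"CHG-1001": {"added": [], "removed": ["permit tcp any host 203.0.113.10 eq 80"]}}

def normalize(config):
    """Drop blank lines and '!' comment lines (save timestamps) that differ on every export."""
    lines = (line.strip() for line in config.splitlines())
    return [line for line in lines if line and not line.startswith("!")]

def config_drift(baseline, running):
    """Return (added, removed) lines, order-aware, between baseline and running config."""
    added, removed = [], []
    for entry in difflib.ndiff(normalize(baseline), normalize(running)):
        if entry.startswith("+ "):
            added.append(entry[2:])
        elif entry.startswith("- "):
            removed.append(entry[2:])
    return added, removed

def unapproved_changes(baseline, running, approved):
    """Filter drift down to the lines no change ticket accounts for."""
    added, removed = config_drift(baseline, running)
    ok_added = {l for rec in approved.values() for l in rec["added"]}
    ok_removed = {l for rec in approved.values() for l in rec["removed"]}
    return ([l for l in added if l not in ok_added],
            [l for l in removed if l not in ok_removed])

if __name__ == "__main__":
    print(unapproved_changes(BASELINE, RUNNING, APPROVED))
```

Here the removed port 80 rule is covered by the ticket, so only the new rule is reported; in practice the baseline would be the last offloaded copy and the approved lines would come from your change management system.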
Use Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS)
Next in line to protecting your networks are intrusion detection and intrusion prevention systems. These systems give you insight into the traffic that is traversing your network and whether or not it is malicious. The key difference between the two is that the IDS will only capture and report on the traffic, whereas the IPS will see the same traffic, but will block it from moving across the network. As with antivirus software, it’s imperative that you keep these systems up to date. While there are some that claim to be able to use artificial intelligence to monitor and block malicious traffic, most still use signature sets that look for traffic patterns that indicate an attack is taking place.
Ensure Current System Patching and Maintenance
I’ve mentioned it before but it bears repeating. It is vital that systems (computers, routers, printers, switches, etc.) are kept up to date and made less susceptible to compromise. Successful, sustainable patching practices are performed on a regular basis, are well documented, and are done in a repeatable way. The process needs to be repeatable so that more than one person within an organization can conduct the patching and maintenance.
For Larger Organizations
Network Access Control (NAC)
In larger and more sophisticated organizations you’ll likely see NAC being deployed to ensure unauthorized computers cannot connect to your network and that approved systems are up-to-date on patches and their antivirus. NACs can work independently or in concert with managed switches and firewalls to block unauthorized or outdated systems from connecting to your corporate networks.
Data Loss Prevention (DLP)
Just like NAC, you will typically only see DLP systems in larger, more sophisticated organizations. The DLP system’s primary role is to ensure sensitive data is not being exfiltrated outside your organization. This includes the use of USB fobs, email, or file transfer systems.
And the list goes on... including strong password development and maintenance, training, situational awareness, etc. The bottom line is, putting these programs and practices in place will go a long way to ensuring that your organization is protected from attack and data loss and place you well on your road to cyber-hygiene success.