What is Cyber Hygiene? Recommended best practices for employees

Cybersecurity is emerging as a top concern for individuals and organizations across the world. To address this, Microsoft recently urged companies to conduct cybersecurity awareness training programs. It also launched a cybersecurity awareness kit that offered simulation-based user training against cyberattacks. It is therefore imperative in these times that a user follows Cyber Hygiene. Cyber Hygiene refers to the steps taken by a computer user to secure his/her device and keep it running at optimum levels.

cyber hygiene

Just like you keep yourself healthy by following certain hygiene routines, it is necessary that the computer networks you use are clean and tidy. A healthy network reduces the chance of hacking and provides you with a smooth experience. The post looks at what is Cyber Hygiene and recommends some practices that should keep your computer healthy.

What is Cyber Hygiene

Cyber Hygiene refers to checking that the network your company uses is up to the mark so that there are fewer chances of cybercriminals taking it over (hacking). In other words, the term cyber hygiene means keeping your computers and network safe and up to date so that it becomes difficult for hackers to access it.

Remember that social engineering is also a method to gain access to company secrets. It is important to educate employees about possible types of malicious attacks that the employees may face when working on a corporate or a university network. Same way, students should be educated and provided with enough software and hardware tools to keep the network clean, and their devices safe and fast.

While hacking a network is of great concern and security can be tightened, it is also possible through social engineering, to get one or more of the employees of that company to spill out employers’ secrets. There must be a contract or something that lays emphasis on both the employee and employer to work towards better cyber hygiene.

How to maintain good Cyber Hygiene

How to maintain good cyber hygiene

Ransomware attacks which were rare a decade ago have become common now. Even more, as computers and the IT industry evolves, new viruses and malware are created. The real challenge still lies elsewhere. In a post-corona world, where living with the pandemic and remote working is the new normal, cybersecurity is emerging as a top concern for individuals and organizations across the world. Unlike systems in company offices that were managed under a common secure network and maintained by efficient security teams, work-from-home systems are way more insecure.

  1. Rely on reputed brands for antivirus and malware software
  2. Include a network firewall in your first line of defense
  3. Move from password protection to strong passwords
  4. Make it tougher for hackers with multi-factor authentication
  5. Use device encryption
  6. Protect your wireless network. Secure your router
  7. Clear data carefully and completely
  8. Take data backups regularly
  9. Prioritize regular OS and software updates
  10. Limit the number of users with administrative privileges
  11. Set reminders for infrastructure wellness checks
  12. Use a VPN
  13. Enable two-step authentication
  14. Use powerful passwords
  15. Keep a single Internet source
  16. Train and Educate employees.

In this environment, it becomes essential for both individuals and organizations to maintain good cyber hygiene. By this, I mean that every user must adopt some basic measures to safeguard the health of their computers, devices, and data. I believe that these are the 10 basic rules to ensure cyber hygiene. Let us see what these are.

The 11 rules of Cyber Hygiene are as follows:

Just like in the real world, cyber hygiene is also about using the tools to maintain the wellbeing of both devices and data, following the right procedures thoroughly, and nurturing a routine. In the case of cyber hygiene, this all comes together, in the simple guidelines listed below:

1] Rely on reputed brands for antivirus and malware software

With antivirus software demonstrating only a 25% success rate in detecting malware, it is imperative that you always select a brand that you can trust. It is the first and most fundamental step in ensuring cyber hygiene. Also, remember to be careful while downloading free software.

2] Include a network firewall in your first line of defense

Just like a physical firewall, a network firewall stands between you and the digital world. It could be the best way to prevent unauthorized access to your websites, mail sites, and other sources of information.

The use of a hardware firewall is recommended for cyber hygiene for both – employees and students. Most routers come with one. Enabling it can further strengthen the connections

3] Move from password protection to strong passwords

It is no longer just enough to have a password. It is, in fact, more important to have a strong password. The expected norm is now a unique and complex password that contains at least 12 characters, which combine numbers, symbols, and capital and lowercase letters. You could use these password management tools for the purpose.

4] Make it tougher for hackers with multi-factor authentication

Yet a strong password alone is no longer the last line of defense. Cyber hygiene now demands a second line of defense that includes two-factor or multi-factor authentication features, such as biometrics or fingerprint recognition.

Read: Tips to maintain Windows 10 in good running condition.

5] Use device encryption

Even if your computer or device is compromised, data encryption could still safeguard your data, emerging as your last line of defense. This means that even if you do lose your device, you do not lose your data.  

6] Protect your wireless network. Secure your router

There are several simple steps that you could take to make your wireless network more secure—adopt a complex password, modify the router’s admin credentials and network name, use encryption.

7] Clear data carefully and completely

If you thought that regularly emptying your recycle bin removes sensitive information from your hard drive, think again. Now, the regular use of data-wiping software is the expected norm to maintain cyber hygiene. It is the only way to truly ensure that erased data from your hard drive stays permanently removed.

Read: Beginners tips to optimize Windows 10 for better performance.

8] Take data backups regularly

While many of the best practices in cyber hygiene protect the integrity of your data, it is the disciplined routine of regular system backups on the cloud or an external drive that ensures that your information is still available to you, even if your device is compromised. It is this necessary routine that adds value to all the other safeguards that you might have instituted.

9] Prioritize regular software updates

Apps that are out of date provide easy, potential security holes for hackers. Yet studies indicate that at least 55% of PC software around the world is outdated. In fact, setting up such a feature to update automatically ensures that your devices and data are constantly updated, seamlessly.

10] Limit the number of users with administrative privileges

You need to have most of the Users set at Standard Users and only the bare minimum as Administrators.

11] Set reminders for infrastructure wellness checks

It is not just backups and software updates that need to be prioritized regularly. That is why it becomes essential to calendarize other tasks as well that need to be built into your cyber hygiene routine. This includes scanning for viruses with antivirus software, updating the operating systems of all devices, checking for security patches, wiping the hard drive, and changing your passwords. Together, this sets a routine, which ensures that cyber hygiene truly becomes second nature to you.

12] Use a VPN

If they are connecting to the office or university network over the Intranet, using a VPN is recommended.

13] Enable two-step authentication

Enable two-step authentication wherever possible. This means you have to perform another step after you enter the password and ID. In some cases, you can download an Authenticator app to your phone that acts as step two.

14] Use powerful passwords

You can create powerful passwords using a password manager. You simply memorize the main app password while the app itself takes care of remembering and filling login pages.

15] Keep a single Internet source

Keep a single source from where all employees can access external Internet. Most of the company networks are Intranets. This means that a company LAN is created using the Internet and the LAN is secured by password and login ID. If any employee uses his own device to connect to the Internet, especially when remote working, it can be a pretty bad mess if hackers use one of their methods to hijack your computer. From there, the entire LAN can be compromised.

16] Train and Educate employees

Train and Educate your employees on how to deal with phishing, social engineering, and similar tactics so that your employees and students don’t leave out any weak point in the company or university network.

We live in a connected, digital world where a single widespread computer virus could cause damages of billions in a matter of days. At such a time, these 10 simple steps offer organizations and individuals an easy guide on how to safeguard devices and data—securely, cost-effectively, and effortlessly. Like in matters of everyday hygiene that safeguards an individual’s wellbeing, it is certainly better to be safe than sorry.

Read: Cyber hygiene is generally poor, says a report.

cyber hygiene

Source link


Alice AUSTIN is studying Cisco Systems Engineering. He has passion with both hardware and software and writes articles and reviews for many IT websites.

Leave a Reply