Not long ago, we entirely relied upon vaults and safes to secure our important documents. To further enhance the security, mechanical locks, guards and patrols were put in place. These practices were and are very effective for securing physical environment and assets. However, with the technological advancement, where the cyber threat landscape is rapidly evolving, we need to secure not only the physical environments and assets but also the digital space. While no organization or individual is truly safe from a cyber attack, maintaining a good cyber security hygiene will fortify your cyber defense.
Below, see some of the practices that will help you achieve this at an individual level and organizational level.
- Regular software updates
This is one of the most straightforward and often overlooked practice. Cyber attackers are always on the hunt for vulnerabilities in software which they leverage to gain unauthorized access, steal data and/or control your system. To prevent this,- Enable automatic updates – This ensures that the latest security patches are applied.
- Perform manual updates checks especially for software products without the automatic updates feature.
- Use developer approved sources to download software updates – This prevents introducing malware into your system.
- Good password management
Password are the keys to our online identities and activities. Here are some of the best password practices.- Use different passwords for different accounts
Using a single password for multiple accounts could have devastating outcomes. If an attacker gets hold of the password, he has the key to almost everything you own.
Best practice: Have a unique password for each account. - Generate strong password
Strong password are hard to guess but easy to remember. To achieve this use passphrases and enhance the complexity by including uppercase & lowercase characters, numbers and special characters. Also, make them long
Example: 1 l0v3 Blu3 c@r5 - Use password managers
Password managers help you manage multiple passwords eliminating the burden of memorizing all your passwords. Examples of reputable password managers include Bitwarden, Nordpass, 1Password among others
- Use different passwords for different accounts
- Multi-Factor Authentication (MFA)
Having a username and a strong password alone is not enough. If the password leaks, then anyone who comes across it can authenticate to your account. Multi-Factor authentication adds another factor of authentication on top of the password. This could be a One Time Passcode sent to your email/mobile device or an application such as Microsoft Authenticator/ Google Authenticator that generates the code. Learn more here
For businesses and organizations, the consequences for poor security hygiene are quite serious. A security breach for instance, could jeopardize customer data, proprietary information and intellectual property resulting to legal actions, regulatory fines, tarnished reputation alongside business operations. To avoid these consequences employ the below practices.
- Data Backup and encryption
The explosion of ransomware attacks calls for data backups and encryption. Incase a ransomware attack happened, corrupting a companies data, backups would come in handy in restoring business operations. Encryption ensure that data cannot be used unless the proper decryption mechanisms are in place. - Security Audits and Vulnerability Assessments
Perform regular security audits and vulnerability assessments to proactively identify vulnerabilities, address weaknesses and implement targeted improvements. This also ensure compliance with industry regulations and data protection laws.
At Yelbridges we are at the forefront in providing these services to businesses and organizations around the globe, helping them achieve cyber resilience. - User awareness training
The proverb goes, an organization is only as strong as its weakest link. The responsibility of ensuring cyber hygiene is not only a Security Teams’ effort but everyone’s. This depends on how well informed the employees are. To strengthen your defenses against the most common attacks such as phishing and social engineering, have regular employee training programs that assess security awareness as well as behavior and security culture. This will also help organization adapt their policies and their training programs to align with the industry requirement.
Conclusion
Just like personal hygiene which supports the human well-being, cyber hygiene helps maintain the safety of online environments and assets. It is the foundation for cyber resilience.
References
