February 08, 2021
Cyber hygiene is a group of recommended procedures combined with technical solutions to keep users and IT administrators safe. These combinations aim to make cybersecurity better while users participate in everyday online activities, such as web navigation, sending e-mails, and text messages.
Although some types of online navigation seem inoffensive, it can expose your network to highly complex vulnerabilities. Cyber hygiene comes as a solution to protect your network from malware attacks, phishing scams, device invasion, lateral movement attacks, and sensitive data stealing and breaching.
Here are the six essential cyber hygiene solutions recommended by security specialists to start or strengthen your company's cybersecurity posture management.
1. Use next-generation firewalls to protect your network
A simple firewall does not protect your devices adequately. IT specialists highly recommend installing a robust next-generation firewall (NGFW), also known as unified threat management (UTM), to protect your network against sophisticated cyber attacks.
These devices have essential features, like a content filter, intrusion prevention (IPS), intrusion detection (IDS), gateway antivirus (GAV), and advanced sandboxing capabilities not only to prevent unauthorized users from accessing sensitive data, e-mails, applications but block any external attack.
If a team member works from a home network, make sure they will use a secure virtual private network (VPN) solution for access company resources.
2. Choose an Advanced Endpoint Protection (AEP), not a simple antivirus
One of the mandatory steps in cyber hygiene is deploying advanced endpoint protection. An AEP differs from a simple antivirus solution because it has more sophisticated protection resources, like the endpoint detection and response (EDR) mechanism and sandboxing capabilities. Both are robust technologies that use machine learning and artificial intelligence to protect devices.
3. Set strong passwords policies and use multi-factor authentication
Define strong, complex, and exclusive passwords to your accounts. Strong passwords usually combine twelve or more low and capital letters, numbers, and special characters (! @ # $% ^ & *).
Never share passwords with other users, redefine them every three months, and do not use the same password between sites or platforms. In case you need to share some passwords with other people, choose a digital vault or password vault for this.
Whenever possible, use two-factor (2FA) or multi-factor authentication (MFA) to add an extra layer of protection to passwords, primarily to finance, health, and other confidential accounts.
2FA and MFA increase security because the user must provide other information to log in successfully. An exclusive PIN, biometry (face recognition or fingerprint), or secondary device (phone or mail confirmation) are the most commonly used authentication methods.
4. Employ device and data encryption
Keep all user data away from applications—also, separate personal and business data. Apply strong encryption (AES-256 bits or superior), combined with strong passwords, to every sensitive and confidential data, mainly to personal, finance, and health information.
5. Be extra careful during online shopping
Be extra careful while shopping online for products and services, especially on unknown or untrustworthy websites.
Before making a purchase, check if the website is secure: the URL must start with "HTTPS://" and contain a little lock figure on the side. Also, look into forums and user reviews websites if the store is reliable.
On the payment page, verify if shipping and payment information are correct. Always keep an electronic copy of the purchase receipt after confirming payment.
6. Before selling an old device, keep its hard drive clean, including persistent storage
If you're selling or discarding your laptop, tablet, or smartphone, it's essential to ensure your personal or sensitive information doesn't get passed along, as well. If someone hacks your device, a clean hard drive means less data that's accessed.
But merely deleting files or data may not be enough since hackers and forensic experts can quickly restore it. Part of good cyber hygiene is reformatting and then wiping all persistent storage to keep your hard drive clean. For example, if you want to sell your computer and have used it for online banking, you'll want to consider disk-wiping to remove software and data from your hard drive.
Source: HiveCore
Although some types of online navigation seem inoffensive, it can expose your network to highly complex vulnerabilities. Cyber hygiene comes as a solution to protect your network from malware attacks, phishing scams, device invasion, lateral movement attacks, and sensitive data stealing and breaching.
Here are the six essential cyber hygiene solutions recommended by security specialists to start or strengthen your company's cybersecurity posture management.
1. Use next-generation firewalls to protect your network
A simple firewall does not protect your devices adequately. IT specialists highly recommend installing a robust next-generation firewall (NGFW), also known as unified threat management (UTM), to protect your network against sophisticated cyber attacks.
These devices have essential features, like a content filter, intrusion prevention (IPS), intrusion detection (IDS), gateway antivirus (GAV), and advanced sandboxing capabilities not only to prevent unauthorized users from accessing sensitive data, e-mails, applications but block any external attack.
If a team member works from a home network, make sure they will use a secure virtual private network (VPN) solution for access company resources.
2. Choose an Advanced Endpoint Protection (AEP), not a simple antivirus
One of the mandatory steps in cyber hygiene is deploying advanced endpoint protection. An AEP differs from a simple antivirus solution because it has more sophisticated protection resources, like the endpoint detection and response (EDR) mechanism and sandboxing capabilities. Both are robust technologies that use machine learning and artificial intelligence to protect devices.
3. Set strong passwords policies and use multi-factor authentication
Define strong, complex, and exclusive passwords to your accounts. Strong passwords usually combine twelve or more low and capital letters, numbers, and special characters (! @ # $% ^ & *).
Never share passwords with other users, redefine them every three months, and do not use the same password between sites or platforms. In case you need to share some passwords with other people, choose a digital vault or password vault for this.
Whenever possible, use two-factor (2FA) or multi-factor authentication (MFA) to add an extra layer of protection to passwords, primarily to finance, health, and other confidential accounts.
2FA and MFA increase security because the user must provide other information to log in successfully. An exclusive PIN, biometry (face recognition or fingerprint), or secondary device (phone or mail confirmation) are the most commonly used authentication methods.
4. Employ device and data encryption
Keep all user data away from applications—also, separate personal and business data. Apply strong encryption (AES-256 bits or superior), combined with strong passwords, to every sensitive and confidential data, mainly to personal, finance, and health information.
5. Be extra careful during online shopping
Be extra careful while shopping online for products and services, especially on unknown or untrustworthy websites.
Before making a purchase, check if the website is secure: the URL must start with "HTTPS://" and contain a little lock figure on the side. Also, look into forums and user reviews websites if the store is reliable.
On the payment page, verify if shipping and payment information are correct. Always keep an electronic copy of the purchase receipt after confirming payment.
6. Before selling an old device, keep its hard drive clean, including persistent storage
If you're selling or discarding your laptop, tablet, or smartphone, it's essential to ensure your personal or sensitive information doesn't get passed along, as well. If someone hacks your device, a clean hard drive means less data that's accessed.
But merely deleting files or data may not be enough since hackers and forensic experts can quickly restore it. Part of good cyber hygiene is reformatting and then wiping all persistent storage to keep your hard drive clean. For example, if you want to sell your computer and have used it for online banking, you'll want to consider disk-wiping to remove software and data from your hard drive.
Source: HiveCore
