Keeping It Clean: Cyber Hygiene in Cybersecurity
We take steps to care for our health and wellness, our physical bodies, and our financial situations, but what about the security of your Agency? The process device (computers, tablets, phones, software, etc.) users go through to maintain their current level of security and the health of said devices is referred to as “Cyber Hygiene.” Much like you brush your teeth or wash your hands regularly, so should you care for the health and wellness of your cyber systems. The biggest reasons to pay attention to your cyber hygiene are the same reasons that systems may need attention; security and maintenance.
While cyber threats, viruses, and threat actors won’t cease to exist, Identifying, Protecting, Detecting and Responding to these threats can become a routine process instead of a three-alarm-fire with a healthy cyber hygiene practice. Most questions begin and can be answered with the basics. At SkyePoint Decisions, we develop, implement, and maintain healthy cybersecurity systems and provide customized solutions for our clients’ needs. The biggest questions we see regarding an Agency’s cyber hygiene are “Where do we start?” and “What can we do?”
Luckily, we can provide you with the foundation for those answers here.
Where should you start when it comes to assessing and maintaining your cyber systems?
Start with the foundations, your IT inventory, your users, and your data.
- Your IT inventory from Servers, End User Devices and Tablets, Phones and Printers, to the software and services in the environment should be routinely assessed, monitored and updated. Maintaining an inventory of authorized hardware and software and actively monitoring for new or unauthorized assets and using established configuration baselines, patching systems in a timely manner and routinely scanning and remediating identified vulnerabilities are major components of a Cyber Hygiene capability
- Knowing the users that are accessing your data and resources, whether inside your physical network or on cloud-based services is an important next step in establishing and maintaining a Cyber Hygiene capability. Using dedicated (separate) Administration accounts and providing authorized users with the capabilities and education that empowers the secure usage of your organizations services and data will go a long way to preventing data loss.
- Finally, your data, knowing what data your organization is entrusted with, where the data is located in your enterprise, the systems and services where that data is being processed, and who is accessing the data is the last major component of a solid Cyber Hygiene capability.
How do you maintain a clean digital space once it has been created?
This is where your processes will come into play. Create, document, and maintain regular checks, updates, and troubleshooting for the foundational pieces of your Cyber Hygiene capabilities.
Some examples might include:
- Automating the patch management of systems and software to achieve a 95% or greater patching threshold and performing vulnerability scanning to validate controls that protect systems where patching is unfeasible.
- Use Security Orchestration, Automation and Response (SOAR) capabilities to routinely disable users who are no longer employed or authorized to access those systems.
- Begin the implementation of a Zero Trust Architecture for added security. You can learn more about the benefits of Zero Trust Architecture here.
It is our experience that most organizations have the core components required to establish a solid cyber hygiene capability. The implementation of processes and procedures to maintain your cyber hygiene alongside a robust threat monitoring program, and customized security infrastructure will make the maintenance of your cybersecurity a proactive instead of a reactive practice for your Agency. We at SkyePoint would be happy to connect with you to answer questions or discuss the potential solutions to help your agency improve your security frameworks, procedures, and ongoing maintenance. You can connect with a SkyePoint Professional here.