Cyberhygiene — The Fundamental Cornerstone of Good Security
Despite what you might believe, the majority of cyber attacks are not zero-day attacks. They are attacks against misconfigured systems or applications. This is happening every day. The harsh reality is that systems that use default passwords, aren’t patched, or are misconfigured, get compromised quickly. Good 'cyberhygiene' is the most effective method to prevent most of these attacks.
So what do we mean by good cyberhygiene? We use this term to refer to the essential layers of security that every business should have in place. This is the minimum essential core of what you should be investing in to help you keep your business running securely. Ultimately, it’s this that will help stop you from becoming a victim of cybercircumstance and yet another breach-report statistic.
Good cyberhygiene is fundamental to the basics of cybersecurity. Companies need to be asking themselves straightforward and essential questions like: Are we running antivirus across our system? Are we backing up appropriately? Are we doing some form of network monitoring and some sort of identity management? Is our firewall configured appropriately to protect and segment our network? Do the people within the environment have only the rights necessary for them to do their jobs? Are we managing permissions and passwords effectively? If you’re not doing these most basic of things, then you’re putting your business (and your customers’ businesses) at risk. Remember, as a managed service provider (MSP) you should set the example for your customers by practicing good cyberhygiene yourself.
Maintaining good cyberhygiene
To maintain good cyberhygiene you need to provide defense in depth, or layered security, as we term it. Once you’ve measured the risks your company faces, these are the layers you need to put in place to mitigate those risks at a basic level. They fall into three categories: proactive security, detective security, and reactive security.
One of the best forms of defense is to prevent malware from getting in to your system in the first place. Five essentials you should have in place to do this are:
- Network protection — helps protect networks as a first line of defense
- Web protection — helps safeguard users from visiting malicious websites
- Patch management — helps close known exploits before they become a problem
- Mail security — helps stop incoming email threats, including malware attachments, phishing, ransomware, and spam
- Identity management — helps ensure both users and administrators only have access to what they need to do their jobs. Also helps ensure that appropriate levels of authentication are in place to protect your assets, utilizing multi-factor authentication where possible.
Having said that, prevention is only the first part—when potential threats do crop up, you want to be able to detect them immediately. Here are four technologies that aid in detecting threats:
- Managed antivirus — to help give you solid malware protection
- Failed login checks and rules — to help keep hackers from brute-forcing their way into your systems
- Active device discovery — to help you detect rogue devices before they cause harm
- Threat monitoring — to help you proactively monitor events and follow up on incidents
Having solid proactive and detective security measures in place will help enable you to shut down the majority of threats, but the likelihood is that some will still slip through the cracks. If that does happen, you need to be able to quickly recover systems to a safe state, which means you need measures like:
- Backup and recovery — to help get you back up and running quickly after a disaster
- Virtual server recovery — to help you restore business continuity after an attack on your physical servers and workstations
- Local backup — to help you restore, even during an internet service disruption
- Hybrid cloud recovery — that provides on- and off-site data storage
Boring but essential
The challenge with good hygiene is that it’s the dull side of security; it’s the “boring” and repetitive things you have to keep doing in order to keep a business running. You need to make sure that if something comes in, you see it. This is the grunt work of security and often the most unappreciated, which sadly means it is often the aspect companies execute poorly.
While it may lack excitement, if you do it wrong, chances are you’re going to get hit. Bad hygiene accounts for a huge number of exploits that have been truly effective. There is not some shiny new toy or flashy tool that will help you do this; it just boils down to simple, hard work—and hard work that needs to be done. However, done properly, good hygiene can create a big barrier between companies and their potential adversaries.
Good cyberhygiene is about the basics, performing them right and doing them regularly; and to keep demonstrating to the customer that you’re doing them. Companies need to ensure that they have the right systems in place, and where possible, automate the really repetitive tasks to help ensure things don’t get missed.