Cyber hygiene. It’s a term that is both familiar to us and increasing in resonance over the past year. It’s not hard to decipher why, 2017 was the worst year yet for cyber security in both frequency and severity. There were more than 20,000 vulnerabilities disclosed and 5,000 publicly disclosed breaches.
In this post, I’m going to provide direction on what you can do to improve your cyber hygiene at an actionable level. I’ll share best practice guidelines that can help you maintain good cyber hygiene on an ongoing basis.
According to the CERT Division of the Software Engineering Institute (SEI), cyber hygiene is a set of practices for managing the most common and pervasive cybersecurity risks faced by organizations today. Though centered on IT, cyber hygiene is an organization wide issue. Everyone from the CEO to the newest intern is accountable for keeping data secure.
While there are best practices, there is no silver bullet. You’ll need to apply the best practices to your own organizational structure. Everyone’s implementation will look different.
And just as the threat landscape continues to evolve, so will your cyber hygiene practices. Today’s controls for employees, cloud environments, and on-premise infrastructure will be inadequate tomorrow. Maintaining good cyber hygiene, requires cloud native automation support.
Step 1: Visibility
First, you need full visibility of your hardware and software inventory. As the saying goes, you can’t manage what you can’t see. Without visibility into your inventory, you can’t be sure every remote endpoint is accessible to you and updated.
Visibility also provides you with a clear look at what 3rd party software is in your network, as well as what versions of each software you’re running. This line of sight provides you with the data required to upgrade out of date software and systems that may no longer be supported.
Step 2: Patch Management
Out of date patches are one of the most exploited attack vectors. We all know the reasons for not patching. However, today’s modern cloud native patch automation solutions have simplified and streamlined the patching experience.
Combined with visibility, cloud native patch automation enables you to quickly get your endpoints up to date and keep them in compliance. With your oversight, a patch backlog can be eliminated in a matter of minutes instead of days.
Step 3: Configuration Management
End user devices are another often exploited attack vector. While we can’t prevent every attack due to human error, we can reduce the variables with cloud native solutions.
You can enforce required software, blacklist software to keep it off of your network, manage password settings, and lock down USB ports among other settings. And, you can implement these settings without interfering with the day to day end user experience.
Step 4: Training
As I mentioned earlier, good cyber hygiene practices are everyone’s responsibility. That means you need to develop a training program for new hires as well as refresher courses for employees on a quarterly basis.
Reminding them about password practices or showing them how to identify phishing attacks doesn’t have to be a boring memo. If you want them to remember, make it fun. Record a video or a podcast. They can watch or listen on their time, but it must be a requirement for them.
Step 5: Adopt Industry Standards
From routine back ups to admin privileges to 2FA, there are well established industry benchmarks from NIST, CIS and the CERT Division of SEI. Below is their baseline practices to further organize your cyber hygiene efforts.
With the increase in threats from state actors, hacktivist groups, and criminals looking to make a few bucks. Basic hygiene practices will reduce your attack surface and make it more difficult for them to access your data.
Whether you’re a small business or a large multinational organization, the shortage of cybersecurity professionals means you need all the help you can get. Cloud-native automation can take much of the work off your plate, so you can focus on other security concerns.
About Automox
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.
