Hygiene hygiene hygiene…the term that is resonating from all the corners of the world. The year 2020 is witnessing innumerable uncertainties in economies, people and livelihoods. The Covid-19 pandemic has created a surge in demand for personal hygiene products, in the same way, it also created a need for integrating additional cybersecurity measures to deal with newer data risks. Just as frequently washing hands and keeping physical distancing are mandate for personal hygiene, software patches and frequent password updates are significant in cybersecurity hygiene, so as to evade data breaches, loss and to effectively identify the theft.
Though cybersecurity hygiene is a common practice, the pandemic has brought in a new set of threats that are associated with employees working from home. With almost 90% of the employees working from home, there is a need for altering the common cybersecurity hygiene checklist amid new kind ransomware, phishing and malware incidents during the pandemic.
Read our Blog to understand the Cybersecurity trends of 2020
Enterprise cybersecurity hygiene checklist:
- Antimalware and firewalls
- VPN use
- Network segregations
- Regular cybersecurity awareness training
- Strong password policy
- Multifactor authentication
- Limit access privilege
- Encrypt, encrypt, encrypt
- Regular backups
- Secure employee-owned devices-routers, phones, computers, printers
- Inventory hardware and software on network
- Double-check identity when accessing common cloud services
Today, in the remote work from home environment cybersecurity hygiene must be a shared responsibility among CISO’s and all employees in an enterprise. Accessing enterprise data from anywhere and from any device is always a risk for organizations if not a proper secure environment. As discussed earlier secure the remote work from home environment is the responsibility that employees have to be vigilant on. It is important for cybersecurity professionals to take training sessions for all the employees to make them understand and implement basic cybersecurity hygiene routines to be followed on their home networks.
Cybersecurity Hygiene checklist for Remote workforce:
- Security professionals must be sure to Install firewalls and anti-malware software on all the devices connected to a home network
- Employees must proactively Install the latest software updates and patches
- Employees must strictly follow the organizations work from home policy
- Good Antivirus software with latest updates must be installed
- A strong password is the need of the hour; employees must Stay away from using default or easily tracked passwords
- Employees must Regularly back up their devices
- Strict “No” to new installs such as games and apps from unauthorized sources
- Employees must be aware of the Phishing emails and must immediately report
Following checklist helps prepare to test and establish ways to maintain good cyber hygiene
Cybersecurity pandemic planning checklist
- Policies/ procedures: pandemic centric cybersecurity policies may be the same or need to be updated as per the new set of cyber-attacks and their consequences. Documentation on Cybersecurity operating procedures must be kept current.
- Cross-training and backup plan: organizations need to create a skills matrix of key cybersecurity personnel and their roles, and need to cross-train them on handling events in case of emergency.
- IDS and IPS management: Make Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) both part of organizations' network infrastructure. IDS/IPS are configurable to help enforce internal security policies at the network level
- Co-ordinate with network vendors, including local access, internet access, and WAN services, to make sure the ongoing outbreak does not disrupt the network services
- Cybersecurity plans. Ensure the cybersecurity or information security plan is up to date and documented with all necessary data to respond to a cyberattack.
- Integrate a Zero Trust Architecture which helps to prevent unauthorized access, and reduce the risk of any hacker’s movement within your network.
- Security posture assessment: frequent security posture assessments help cybersecurity personnel’s to identify cybersecurity strength and resilience in relation to cyber-threats.
- Incident Response Plan: To identify, analyse and mitigate a potential cyberattack. An Incident response plan helps IT staff detect, respond to, and recover from network security incidents such as cybercrime, data loss, and service outages.