Hygiene hygiene hygiene…the term that resonates from all corners of the world. The year 2020 is witnessing innumerable uncertainties in economies, people, and livelihoods. The Covid-19 pandemic has created a surge in demand for personal hygiene products, in the same way, it also created a need for integrating additional cybersecurity measures to deal with newer data risks. Just as frequently washing hands and keeping physical distancing are mandated for personal hygiene, software patches and frequent password updates are significant in cybersecurity hygiene, so as to evade data breaches, and loss and to effectively identify theft.
Though cybersecurity hygiene is a common practice, the pandemic has brought in a new set of threats that are associated with employees working from home. With almost 90% of the employees working from home, there is a need to alter the common cybersecurity hygiene checklist amid new kinds of ransomware, phishing, and malware incidents during the pandemic.
Enterprise Cybersecurity Hygiene Checklist:
- Antimalware and firewalls
- VPN use
- Network segregations
- Regular cybersecurity awareness training
- Strong password policy
- Multifactor authentication
- Limit access privilege
- Encrypt, encrypt, encrypt
- Regular backups
- Secure employee-owned devices-routers, phones, computers, printers
- Inventory hardware and software on the network
- Double-check identity when accessing common cloud services
Today, in the remote work-from-home environment cybersecurity hygiene must be a shared responsibility among CISOs and all employees in an enterprise. Accessing enterprise data from anywhere and from any device is always a risk for organizations if not in a properly secure environment. As discussed earlier securing the remote work-from-home environment is a responsibility that employees have to be vigilant on. It is important for cybersecurity professionals to take training sessions for all the employees to make them understand and implement basic cybersecurity hygiene routines to be followed on their home networks.
Cybersecurity Hygiene checklist for Remote workforce:
- Security professionals must be sure to Install firewalls and anti-malware software on all the devices connected to a home network
- Employees must proactively Install the latest software updates and patches
- Employees must strictly follow the organization’s home policy
- Good Antivirus software with the latest updates must be installed
- A strong password is the need of the hour; employees must stay away from using default or easily tracked passwords
- Employees must regularly back up their devices
- Strict “No” to new installs such as games and apps from unauthorized sources
- Employees must be aware of the Phishing emails and must immediately report
Following the checklist helps prepare to test and establish ways to maintain good cyber hygiene
Cybersecurity pandemic planning checklist
- Policies/ procedures: Pandemic-centric cybersecurity policies may be the same or need to be updated as per the new set of cyber-attacks and their consequences. Documentation on Cybersecurity operating procedures must be kept current.
- Cross-training and backup plan: Organizations need to create a skills matrix of key cybersecurity personnel and their roles, and need to cross-train them on handling events in case of emergency.
- IDS and IPS management: Make Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) both part of organizations’ network infrastructure. IDS/IPS are configurable to help enforce internal security policies at the network level. Co-ordinate with network vendors, including local access, internet access, and WAN services, to make sure the ongoing outbreak does not disrupt the network services
- Cybersecurity plans: Ensure the cybersecurity or information security plan is up to date and documented with all necessary data to respond to a cyberattack.
- Integrate a Zero Trust Architecture: which helps to prevent unauthorized access, and reduce the risk of any hacker’s movement within your network.
- Security posture assessment: Frequent security posture assessments help cybersecurity personnel identify cybersecurity strength and resilience in relation to cyber threats.
- Incident Response Plan: To identify, analyze, and mitigate a potential cyberattack. An Incident response plan helps IT staff detect, respond to, and recover from network security incidents such as cybercrime, data loss, and service outages.
Mounika Raghavarpu is a technical writer and marketing designer who has Technical acumen in industry-leading technologies and specialized IN Writing and Editing Operational Procedures and Manuals. Her creativity and ability to think of new ideas made her a part of Digital Marketing to devise and execute marketing communications. She loves to design marketing collateral, business presentations and branding material for digital publications and social media.
Apart from being a technical writer, she loves painting, enjoys playing with her kid and watching movies in her free time.