Top 5 principles of cyber hygiene

In Opinions

Ihab Farhoud, the director for solutions engineering – METNA at VMware shares 5 key principles for attaining cyber hygiene that helps in keeping businesses and their employees safe.

Cyber criminals have proven themselves merciless in the face of a global crisis – the WHO for example reported a fivefold increase in cyber-attacks against its staff since announcing COVID-19 as a global pandemic, with some scammers even impersonating WHO in order to channel donations to a fictitious fund.

Despite this, security needs have not changed during the past few tumultuous months. What has changed is a need for improved education, to keep businesses and their employees updated on the basic principles to keep them safe. This will become increasingly important to maintain resilience against hacks, especially as people continue to work remotely.

The five cyber hygiene principles

So, let’s revisit these cyber hygiene principles: 

  1. Least Privilege – just because you trust everyone in your business doesn’t mean that your receptionist needs the same access levels as your CEO. Give users minimum necessary access and leave your most valuable data vulnerable to far fewer breach points. You wouldn’t give a hotel guest a key for every room in the hotel.
  2. Micro Segmentation – Breaking down your network into layers and self-contained areas keeps the entire system protected and ensures your access points aren’t left vulnerable to attack. Don’t neglect your perimeter, but don’t rely on this alone.  This is where intrinsic security – building it into your network and your application platform – makes security sense. As a business model flexes to meet the needs of a Covid landscape, it is this type of security that will help meet these needs.
  3. Encryption – Think of encryption as the last weapon in your arsenal against hackers – except with cyber security it keeps you ahead of the game. If all else fails and your firewalls and access protocols are breached, encryption means that all the critical data you have stored is useless to them. Like a Rubik’s cube, if you don’t know how to decode it and put it back together, encrypted data is a difficult puzzle to crack. Basic cyber hygiene means encrypting your files and data before sharing.  The same applies to encrypting network traffic wherever possible.
  4. Multi-factor authentication – From thumb-print ID to facial recognition, security is becoming personal. But even implementing basic two-factor authentication stops the first wave of breaches. And, the more personal we get with authentication, the more secure our networks will be. After all, your thumbprint is much more difficult to steal than your pin code!
  5. Patching – Systems require updates for a reason. Every time malware gets more advanced your service providers respond with system and software updates. Don’t remain in the past. Upgrade and update to stay ahead of your attacker’s game.

 Education, Education, Education
Although the recent pandemic has meant that everything has changed, when it comes to basic cyber security, we should presume that nothing has changed. The same basic cyber hygiene principals, which are often the simple ones that are forgotten or overlooked, are still just as relevant. They should be kept front of mind to keep businesses – and their employees – safe.

Comments

You may also read!

Five indicators that ascertain an impending ransomware attack

Peter Mackenzi, Global Malware Escalations Manager,Sophos, highlights the five indicators that point to an impending ransomware attack on any

Read More...

ESET to highlight KrØØk and Stantinko at Black Hat USA 2020

ESET, will highlight its latest research during Black Hat USA 2020. ESET researchers Robert Lipovský, Štefan Svorenčík and Vladislav

Read More...

Actionable DDoS Weapons Intelligence: a proactive way to successfully defend against DDoS attacks

Ehab Halablab, Regional Sales Director – Middle East at A10 Networks, emphasizes on the need to deploy Actionable DDoS

Read More...

Join Our Newsletter!

Love SecurityMEA? We love to tell you about our new stuff. Subscribe to newsletter!

Mobile Sliding Menu