Every time we read about another security incident and data breach from a well-known brand like Home Depot or Target, we immediately worry if our personal customer information has been compromised. For organizations, it is a race against time, to determine the risk level after a breach. Organizations need to think about the harm caused, the number of people affected and the size of the data breach. In fact, this routine is becoming familiar for consumers and organizations of all sizes when the media broadcasts the latest security breach.
According to a ‘Cyber-resilience health-check’ report published by the Australian Securities and Investments Commission (ASIC) in 2015:
“Attacks are escalating across the data-driven, mobile, Internet and cloud-based services. Cyber criminals and hackers increasingly are experimenting with different types of malware based attacks on their victims.”
Today, hundred of millions of people use the Internet, mobile and storage devices every day. A new term, cyber hygiene, has become popular in the media in recent years related to individuals and organizations taking steps to prevent cyber crime. Public health best practices encourage people to wash hands and get vaccinated. Similarly, people can follow cyber hygiene strategies to potect themselves against cyber attacks. Cyber security experts say that up to “90 percent of attacks can be prevented by doing basics such as keeping software up to date.”
Five best practice cyber hygiene strategies individuals and organizations can do to improve online security:
1. Control – Limit and manage those who have administrative privileges for on your computer. Spend most of your time logged in as a basic user, especially when emailing and browsing the Web. Login to your computer with administrative privileges when necessary.
2. Count – Know which applications are running on your network. Most users have a tendency of installing applications and do not delete them when they no longer need them. When too many applications run on your computer in the background, the system slows down. Get into a habit of knowing what software applications you need and use regularly and delete the rest.
3. Configure – After you know which applications you use regularly, like Microsoft Office, MS Outlook, web browser, block all other unknown applications from running. This will ensure malicious or harmful software applications cannot be run accidentally and case serious damage to your computer. Web browsers and mail client applications are two of the more popular applications intruders use to breach a computer. For instance, get into the habit of clicking on file attachments that you recognize from friends. Security firm, Blue Coat Systems, says the 10 Top-Level Domains (TLDs) with the highest percentage of suspicious websites to avoid are:
- .gq (Equatorial Guinea)
4. Patch – The act of regularly updating all apps, software and operating systems in your computer is referred to as installing or running a patch. For example, automatically running software updates for your operating system ensures you will have the latest version of Windows, Mac, iOS or Android at all times. The same instructions apply for device applications, which includes running software updates for programs like MS Office, Java, Adobe PDF readers, browsers and other applications.
5. Repeat – If you follow the steps outlined above once, it not be enough and something bad may happen. The best way to protect your computer and devices is to regularly follow the above strategies outlined above. This may involve creating a simple priorities checklist for cyber security that you run through once each month. Doing so will protect you against the majority of cyber threats and security breaches that affect most people and organizations every day.
Individuals and organizations that follow good cyber hygiene practices have more peace of mind. It is no different than monitoring your health and scheduling your automobile’s maintenance. People who practice good cyber hygiene habits get more done, are happier and spend less time troubleshooting because they have fewer surprises. When they have to call an expert, it is usually about a serious issue.
If you are unsure where to begin, ask an expert for help on how to practice good monthly cyber hygiene habits. If you need to escalate an issue, the expert will likely first check with you about your monthly checklist before shifting to advanced troubleshooting and problem solving.