How Cyber Hygiene Can Keep You Safe in 2024
What Is Cyber Hygiene?
Cyberhygiene is the first line of defense against hackers and cyber-attacks. Good cyberhygiene consists of simple daily routines, good procedures, and periodic check-ups to make sure your online health is in optimal condition.
There are five different types of cyber hygiene that you can employ to protect against cybersecurity incidents.
- Storage and device hygiene (e.g. the use of USB flash drives, encryption of databases);
- Transmission hygiene (e.g. use of a Virtual Private Network (VPN, connecting to public networks, use of encryption);
- Facebook and social media hygiene (e.g. reducing the amount of personal information, managing privacy settings on social media);
- Authentication and credential hygiene (e.g. password sharing, changing default passwords);
- E-mail and messaging hygiene (e.g. encryption of messages, checking a sender’s e-mail domain name).
8 Essential Tips To Improve Your Cyber Hygiene
1. Update Software Regularly
Cyber attackers take advantage of software vulnerabilities in operating systems, web-browsers and other software. That’s why it’s important to keep your systems protected with the latest security features and patches for security flaws. Software updates are developed to implement the latest security features to keep hackers out. Ensure your operating systems and applications are set to update automatically where possible.
2. System Hardening
System hardening is the practice of removing unnecessary software to reduce the attack surface for a malicious actor. Less applications on your system means less incoming and outgoing connections, software vulnerabilities and exchange of information. It makes it simpler to protect your computer and minimises your exposure to cyberattacks. Remove all programs you don't need on your system it will make your computer faster, creates storage space and increases your digital safety.
3. Use Strong Passwords or Passphrases
One of the most common ways that hackers break into computers is by using compromised passwords. Simple and commonly used passwords enable intruders to gain access and control easy. Use complex passwords with minimum length of 12 characters, a combination of numbers, capitals, lowercase and a symbol. Or even better, use passphrases. Don't use the same password twice and use a password manager to help you keep track of your passwords.
4. Use Encryption
Add an extra layer of protection by encrypting your devices. Encryption is the process of scrambling information into an unreadable format. Your information can only be decrypted with a password or other form of authentication. Encryption safeguards information and files such as pictures, computer programs and documents. It protects the data you send, receive, and store. Even if your data falls into the wrong hands, encryption will protect it. Use FileVault for Mac computers, device encryption on Windows systems and encrypt information on USB-sticks, hard-drives and other removable media.
5. Backup Regularly and Offline
A data backup is nothing more than a copy of files from your computer or device. Even if you lose access to your data on a primary system, (e.g. after a cybersecurity incident), you still have access to your files. Use cloud services such as iCloud, one drive, Dropbox or Google Drive for online (synchronised) storage.
Cloud services are a great solution, but if you (or malicious software) deletes or corrupts your data, your online (synchronised) information will be affected just as hard (e.g. by ransomware). Therefore, we also recommend an offline backup on a hard drive or other storage device. Ensure the encryption of your offline backup is activated and that this backup is made regularly.
6. Use Anti-Virus and Anti-Malware Software
Anti virus software is the gatekeeper of your system. It detects, blocks and neutralises viruses. It also fights off other kinds of threats such as phishing attacks, worms, ransomware and other malicious software (malware). Anti-virus software scans your computer for known viruses and malware using a large database. These “virus definitions” are updated real time based on intercepted viruses all over the globe. Anti-virus software also uses a method called "heuristic analysis" to detect suspicious activity from any program that might be infected. Up to date anti-virus software prevents most infections.
7. Use a Virtual Private Network (VPN)
A VPN allows you to create a secure connection to another network over the Internet. It encrypts your information and hides the location of your computer. It uses a virtual "tunnel" for all your data. It makes your considerably more network hack-proof, and your transmission is encrypted, making the information unreadable if someone intercepts it. Especially when you use a public Wi-Fi network, a VPN connection is essential to stay safe online.
8. Employ a Cyber Security Management System such as ISO 27001
If you need to protect a business or larger organisation, an information security management system such as ISO 27001 helps you to manage your cybersecurity. The ISO 27001 Information Security Management standard offers a framework that ensures the confidentiality, integrity, and availability of information. It includes a list of 114 controls to safeguard your information security and implement a good cyberhygiene. If your organisation meets the strict requirements in this standard, your will receive the ISO 27001 certification. It is an excellent way to prove your clients, suppliers and other stakeholders your cybersecurity is on par.
These eight tips are just the start of a good cyberhygiene. Most of the tips are easy to implement, free and can prevent cyberattacks impacting your digital safety. Make cyberhygiene a habit and part of your company culture.
Bonus Tips To Stay Safe Online
- Check the lock icon (also known as SSL) on your web browser when connecting to sites where you exchange sensitive (financial) information.
- Change the default username and password on your devices to something unique.
- Keep your systems clean; less information on it means less information that can be accessed when breached.
- Check the domain of the sender of an e-mail before opening.
- Search your name and business online to see what comes up
- Check if you have been breached on HaveIBeenPwned.com.
- Manage your privacy settings on social media platforms and change it to private where possible.
- Use multi-factor authentication if available (e.g. with a text, code generator or app)
- Always use a USB data blocker when charging your devices or connecting unknown devices
- Tags: Cybersecurity USB