Cyber Security Fundamentals: Hygiene first

Concerned with how to ensure your business is protecting your and your clients data and assets??? There are many aspects to protecting your company and your clients but the single most important is basic Hygiene.? Just like you brush daily and then go to the Hygienist for a teeth cleaning twice a year to avoid bigger problems with your teeth this is also the foundation of a strong cyber security and data protection regimen.?

An on-going Hygiene focus is at the core of protecting your business and clients.? Some critical Hygiene focus areas that employees and developers need to be educated in and act on are:

• Patching and Vulnerability mitigation: Are all areas of your company keeping up with patching and vulnerability mitigation for your applications (custom & vendor) and systems?
• Password Hygiene:? Are passwords being changed frequently, do they follow security standards in length and complexity?? Are passwords being shared inappropriately???
• Security and Access Management:? Do you know who has access to your systems and data and is their access appropriate?? Is access removed when people change jobs or leave the company?? In data security and encryption being maintained?
• Logging and Tracking:? Is special access, updates and changes logged, tracked and reviewed to ensure business need on-going?
• Networking Hygiene: Network security, firewalls, intrusion detection and prevention systems are the responsibility of your networking and CISO teams but employees need to ensure they are following best Hygiene practices as well to avoid threats to breach these controls.? Are your employees educated on how to spot common threats like Phishing, Malware, and Social Engineering/Baiting as some common examples? ??If not, the best network security can be breached.

These items, like your teeth cleaning, needs a daily focus across the Enterprise and also periodic review and more in depth focus to ensure that larger issues are not being missed. A two times per year "Hygiene" review is a good place to start for the expert review.

Of course, there is much more to a robust cyber security plan than what I have described above but this type of employee/developer hygiene items are an essential focus for any organization.? Cyber security requires the awareness and focus of the entire company to protect your and your client’s data and systems.

I look forward to hearing what other Cyber Hygiene areas you think are important for your business.

???? #ITExcellence #TechnologyLeadership #CyberSecurity