Cyber Security Hygiene
For Your Home and Business
Strong Password Policies
Enforce the use of complex passwords and encourage the use of multi-factor authentication (MFA). Password managers can assist in generating and securely storing unique passwords for each account, minimizing the risk of unauthorized access.
Secure Work Environment
With the rise of remote work, organizations must ensure secure access to sensitive information. Implementing secure remote access solutions, encrypted communications, and VPNs can help safeguard data transmitted outside the office network.
Regular Backups
By implementing automated, regular backups of critical data to offline or cloud storage you ensure data availability and enable swift recovery in case of a breach or system failure. Google Drive, OneDrive, and others are good examples of synchronized copies, they are not point in time backups.
Deploying EDR
Deploying Endpoint Detection and Response (EDR) includes Instrusion Detection and Prevention (IDPS) technologies helps detect and mitigate potential threats in real time, providing an additional layer of defense against cyberattacks. Some of the basics are included in your known products such as McAfee, Symantec, Webroot, TrendMicro and others.
Records Management
Proper Records management is overall good hygiene. For example, software like MOVEit is used by organizations to transfer files (a secure file transfer software). But if you or the company keeps its files in the folders and never delete, move or archive them, etc... then it can easily grow and have years of accumulated files in the folder or directory. Implement a records management policy to move files/records to backup and archival locations.
Education and Training
Annual awareness programs to educate employees about the latest threats, social engineering techniques, and best practices. Raising awareness empowers individuals to identify and report potential risks promptly. Any report will at least prompt a review.
Regular Software Updates & Patching
Promptly applying software updates and patches is vital to address vulnerabilities. Organizations should implement robust patch management procedures and automate the update process whenever possible. Home users should followthe same rules.
Divide Your Network
Dividing networks into smaller segments limits the potential damage of an attack. It prevents unauthorized lateral movement within the network, isolating sensitive information and critical systems. This can be done at home as well with the proper equipment purchases.
Encrypting Data at Rest
Make sure that files are encrypted when stored in your file directories or SharePoint. This is related to MOVEit in that if a hacker gets to files stored in a directory and downloads them, then at least the files are encrypted and will prevent breach of confidentiality. This for home and businesses, BitLocker is a very good start for encrypting data at rest. Especially for laptops.
Incident Response Plan
Develop a comprehensive incident response plan that outlines clear steps to be taken in the event of a cybersecurity breach. Test and update this plan regularly to ensure its effectiveness. Again, start off small and improve as you mature. Basics for this type of plan would be "If a system is compromised, what are the steps taken to mitigate that system? (i.e. what do we do?) A simple plan would start with we get that system off the network.
Conclusion
All of the steps listed above are good starting points for your homes and business computers. This ensures that in the unfortunate event of a cybersecurity breach, you, your users or employees are well-prepared to handle it efficiently and minimize losses as much as possible. With these measures in place, we can all work together to ensure our data remains safe and secure. If you’re looking for some assistance, reach out to Rebnetik using our Contact Us form.
Technology Analysis
How can we help you?
Contact us to get your cloud services journey started. Submit your inquiry online by using the button below.