The start of a new year is always a great time to review what you’ve been doing over the past twelve months and set yourself new goals. Your cyber security practices should be no different.
In this blog, we’ll look at a number of common habits that you may have fallen into over the last year and review the kind of impact they may have had on your organisation’s cyber security. In particular, we’ll be looking at common pitfalls and best practices around cyber hygiene to understand where there may be scope for improvement over the next year.
What is Cyber Hygiene?
If you aren’t familiar, ‘cyber hygiene’ refers to common practices and steps that individuals can take when using their computers and other devices to minimise cyber security risk.
These practices cover the ways that people commonly use their devices on a daily basis, particularly practices that can seem harmless – such as what they do with their device when it’s unattended or which wireless networks they connect it to.
By being more aware of their cyber hygiene, and understanding what they should be doing to maximise it, individuals can greatly improve the overall cyber security of their organisation.
What is Cyber Hygiene Best Practice?
Here are ten ways in which you can improve your cyber hygiene:
- Using the VPN (Virtual Private Network) provided by your organisation when working remotely.
- Checking with IT if you need to travel with your work laptop.
- Locking or logging off from your devices when they are not in use.
- Being aware of who can see sensitive information on your device.
- Only connecting your work devices to trusted home networks.
- Reporting suspected incidents, breaches, or disclosures to your IT or IS manager.
- Contacting your security team before sharing sensitive data.
- Following your organisation’s cyber security policies and procedures.
- Only using approved company software on company devices.
- Keeping your passwords long and unique to each system.
What Are Common Cyber Hygiene Pitfalls?
Here are ten common mistakes people make when it comes to their cyber hygiene:
- Using work devices for personal purposes without authorisation.
- Using personal devices for work purposes without authorisation.
- Leaving confidential information unattended.
- Using public WiFi on your work devices.
- Using unauthorised devices to connect to trusted networks.
- Using personal cloud storage on work devices (e.g. Dropbox, Box, OneDrive and iCloud) without authorisation.
- Sharing cardholder data in any form (excluding valid exceptions that have been reported to infosec).
- Changing or jailbreaking work devices.
- Downloading unapproved software to your work devices.
- Sharing or reusing your passwords.