In 2019, news broke that a media company leaked 540 million Facebook records onto the Amazon cloud server, including users’ account names, IDs, and reactions to posts. That same year, First American Financial Corporation customers had 885 million of their records, including bank transactions and social security numbers, exposed publicly online. The reason for these breaches? Poor security.
Cyberattacks cost Americans over $27 million a year, according to the report “The Cost of Cybercrime,” and 71 percent of cyberattacks target small and medium-sized businesses. As organizations conduct more of their business online and a greater number of employees work remotely, especially during crises like the COVID-19 pandemic, cyber security risks become more acute. This highlights the importance of robust security plans for every business. Cyber hygiene plays a vital role in helping businesses keep sensitive information safe from attacks and theft.
What Is Cyber Hygiene?
As with personal hygiene, cyber hygiene involves developing important habits. In the case of cyber hygiene, those habits help computers and other devices that rely on connectivity perform at their best. Cyber hygiene also helps detect problems with computers and allows for quick fixes. Tasks include setting strong passwords and changing them regularly, installing antivirus software, and using network firewalls.
Cybersecurity professionals help keep emails, networks, operating systems, printing devices, and other technology safe. Every access point to a connected device is vulnerable. Good cyber hygiene helps protect against those vulnerabilities by accounting for various risks. This practice helps individuals and businesses keep their data safe, preventing malware and other attacks from breaching networks and devices.
An assessment of American cybersecurity practices found that even though 88 percent of Americans report they take necessary steps to stay safe from cyberattacks, less than half actually perform the bare minimum when it comes to cyber hygiene. Cyber hygiene best practices include:
- Installing antivirus and malware software and scanning for viruses
- Using firewalls to stop unauthorized users from getting information
- Updating apps, web browsers, and operating systems on all devices regularly
- Keeping hard drives clean by reformatting and wiping them
- Changing passwords and using multifactor authentication
For businesses, cyber hygiene requires a two-pronged approach. Businesses must address both technical and nontechnical issues. Technical issues center on security controls, or countermeasures that reduce risks. They include hardware, software, and other mechanisms that keep devices safe. Nontechnical issues refer to policies and procedures that guide how organizations manage security, and may also involve employee training and security awareness.
Benefits of Cyber Hygiene
Cyber hygiene helps individuals and businesses in many ways. For example, good cyber hygiene might have prevented the infamous data breach at Equifax and saved the company millions of dollars and its reputation. It might also offer greater peace of mind to people working remotely during a public health crisis like the COVID-19 pandemic. By lowering the risk that hackers will take advantage of security gaps, cyber hygiene helps:
- Protect a business’s data and client information
- Keep devices and computers running well
- Safeguard against ransomware and malware
- Avoid phishing attempts and other malicious activity
- Identify and fix outdated admin privileges from former employees, etc.
- Locate unmanaged assets
- Find unauthorized software on a system
When businesses or individuals neglect cyber hygiene, they can encounter all sorts of problems. Maintenance allows software and computers to run effectively and ward off more serious problems, such as data loss due to corruption or hacking, and misplaced data.
Cyber Hygiene Best Practices
What should businesses do to ward off cyberthreats? Security experts offer useful advice about cyber hygiene:
- Audit the company’s cybersecurity technology to determine what malware protections and spam filters the company has and their condition.
- Onboard employees with in-depth cybersecurity awareness training and provide monthly reviews and updates on relevant cybersecurity topics to all employees.
- Hire an ethical hacker to assess the company’s vulnerabilities.
- Bring in third parties to conduct internal risk audits and conduct biannual internal process reviews.
- Place physical barriers that limit visitors’ access to networks.
- Separate duties to avoid the concentration of power and control over security in too few hands.
- Regularly update and patch servers, computers, security cameras, and other devices.
- Do not allow employees to use their own devices for company work and prohibit them from using company-issued devices for personal use as well.
- Create an incident response plan to help manage security breaches or attacks and to limit damage and disruptions.
Discover How Cyber Professionals Keep Businesses Safe
With a growing reliance on technology, businesses need cybersecurity experts who can handle cyberthreats and ensure good cyber hygiene practices. Tulane University’s School of Professional Advancement offers two degree programs, an Online Master of Professional Studies in Information Technology (MPS IT) and an Online Master of Professional Studies in Cybersecurity (MPS Cyber), that train graduates to help businesses address their vulnerabilities and ward off cyberthreats. Discover how Tulane University’s School of Professional Advancement prepares graduates to become cybersecurity experts and thrive in the business world.
Cybersecurity Skills Gap: Key Needs for Tomorrow’s Workforce
NIST Cybersecurity Framework: 5 Essential Phases for Optimal Security
11 Tips to Protect Consumer Privacy for 2019 National Cybersecurity Awareness Month
Accenture Security, “The Cost of Cybercrime”
CBS News, “Hundreds of Millions of Facebook User Records Were Exposed on Amazon Cloud Server”
CNBC, “5 of the Biggest Data Breaches Ever”
Digital Guardian, “Enterprise Cyber Hygiene Best Practices: Tips & Strategies for Your Business”
Digital Guardian, “What Is Cyber Hygiene? A Definition of Cyber Hygiene, Benefits, Best Practices, and More”
Gizmodo, “885 Million Records Exposed Online: Bank Transactions, Social Security Numbers, and More”
Hiscox, The Hiscox Cyber Readiness Report 2019
Inc., “How Can 73 Percent of Companies Not Be Prepared for Hackers?”
IndustryWeek, “Cybersecurity Hygiene: 17 Steps Your Business Should Be Taking Now”
Network Depot, “Why Your Small Business Should Practice Good Cyber Hygiene”
Norton, “Good Cyber Hygiene Habits to Help Stay Safe Online”