8 Tips to Maintain Cyber Hygiene

The COVID-19 pandemic made companies realize that how important it is to protect their data. Moreover, they have realized that how crucial the role of MSPs and other IT service providers is in protecting the data. As vaccines continue to roll out, businesses are now moving from remote work to hybrid work environment. With this situation at hand, companies will need to collaborate with their MSPs or IT departments to provide a thorough and long-term IT roadmap in order to revamp the IT security as per a workspace where half the employees work on-site while the other half work pretty much anywhere.

This edition of our technology tips will help companies or businesses in transitioning into a hybrid work environment while also maintaining cyber hygiene.

8 Tips to Maintain Cyber Hygiene

1) Implement Complete Security Makeover – Ask your MSP or IT department to update IT security so that it reflects the new reality of hybrid work environments. Businesses should sit down with their MSPs or IT departments and revisit unified threat management (UTM) features, firewall and VPNs to ensure their IT infrastructure can support remote workloads safely. Multi-factor Authentication (MFA) should be enabled across the board to add a layer of security to the companies system.

2) Bring Awareness – A staggering 17% of all sensitive files are accessible to all employees. Although MSPs invest time and money on a good BCDR solution, an internal accidental deletion on the business’s side can put all that efforts to waste. One of the best and easiest ways to mitigate data loss in a hybrid structure is by educating employees and making them aware of how to protect against threats so they know exactly what to do in case disaster strikes. Ask your MSP or IT dept. to provide training material which should be distributed to all the employees and make sure you advice them on data security best practices.

3) Investigate Remote Devices – Data is at bigger risk than ever since a large number of employees now work remotely and use public Wi-Fi networks, which allows hackers to gain easy access. Bad actors set up access points that are designed to trick employees to log into a fake router that allows hackers to read any unencrypted communication. Once they have access to one remote device, it wouldn’t be hard to gain access to the mainframe of the company’s network. MSP or the IT department should periodically scan and monitor employee devices and send red alerts to remote employees looking to connect to a public Wi-Fi network.

4) Create Separate Networks – Remote and on-site employees work best together when they work on separate networks. Companies should create a separate network in the IT Infrastructure for its remote employees. VPNs can be used to access this separate network. Add more security by limiting access to only the data they need. Create additional segmentation within the separate network with automated security checks, after which remote employees (when they are in office) can switch to the main corporate network.

5) Enforce Mandatory Password Changes – Secure company devices by enforcing password changes periodically. This is an integral part of the cyber hygiene to prevent account takeover (ATO) attacks. ATO involves cyber criminals stealing or buying credentials during third-party breaches and then reusing them to gain easy access to corporate systems to steal IPs, perpetrate business email compromise, gain access to financial accounts and commit other types of cyber fraud. A whopping 80% of all businesses experience at least one compromised account threat per month. Shuffling passwords is an efficient way to keep yourself in the safer 20% bracket.

6) Run Disaster Recovery Testing – Use the sandbox method to test the disaster recovery (DR): partition virtual machines and perform tests without affecting production servers. It assures that your hybrid workforce can access systems (either on-premise or the cloud) and everyone including remote employees can access data in case an actual disaster occurs. A lack of testing initiative can cost businesses anywhere between $10,000 per hour to $50 million per hour depending on the size of their business. Consult with your MSP or IT department to understand and practice the sandbox method.

7) Scan Vulnerabilities – Perform vulnerability test targeted at the company’s internal network to identify compromised devices that live on the corporate network. MSPs or IT dept. should provide an overview of where a potential internal attack can occur and where a threat vector could move after compromising one of the internal network machines. Document the results to keep an account of high-risk vulnerabilities that an attacker may leverage and study the findings in order to yield smart decisions out of it.

8) Maintain BCDR Runbooks – Whether you have a internal IT Department or an MSP taking care of your IT needs, it is your duty to ensure the updating of business continuity and disaster recover strategy based on all the considerations above. Have them tied together in a document or a “runbook” that clearly outlines procedures that your company should follow when a data loss incident occurs. It is a must to have user-friendly runbooks that include procedures and protocols that need to be followed by departments, teams and individuals during a disaster.

ddadmin