Start With The Basics: The SES Guide To Good Cyber Hygiene

Cyber Hygiene relates to the practices and precautions organisations need to take in order to protect their devices and infrastructure, maintain system health and improve their online security. These practices are often part of a routine to ensure the safety of identity and other details that could be stolen or corrupted. Much like regular hygiene is conducted regularly to ward off natural deterioration and common threats.

Below we have broken down the steps to maintaining good cyber hygiene into a simple checklist.

- Start by performing a risk assessment to identify where your vulnerabilities lie.

- Formulate written policies and procedures to outline:

• Data Protection.
• Privacy.
• Roles and Permissions.
• Social Engineering.
• Password Policy.
• Bring Your Own Device (BYOD).

- Train your workforce on your policies and procedures.

- Security training to enable your employees to identify and defend against cyber threats.

- Performing regular phishing assessments to determine your organisations susceptibility.

- Implement Multi Factor Authentication.

- Implement Anti Virus and malware detection.

- Internal controls and access controls.

- Secure passwords.

- Keep software updated and patched.

- Perform regular backups.

- Use reputable supplier with extensive security measures (ISO: 27001).

- Encrypt sensitive data and airgap hypersensitive data.

- Adequate logging and retention.

- Create a robust incident response plan and perform routine drills.

- Third party security risk management programmes.

- Firewalls, intrusion detection and prevention systems.

- Managed Service Provider (MSP) or Managed Security Service Provider (MSSP).

- Cyber Risk Insurance.

Although the checklist above provides an overview of many of the measures your organisation can take to improve its cyber hygiene, this list is not exhaustive. For more information on the steps your organisation can put in place and advice on improving your cyber security posture tailored to your individual organisation, please get in touch and one of our specialists will get back to you within one business day.  

© SES Secure Limited and ses-escrow.co.uk , 2019. Unauthorised use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to SES Secure Limited and ses-escrow.co.uk , with appropriate and specific direction to the original content.