Can you see the connection between personal body cleanse and computer network weaknesses?
To my eyes, the connection is based on the term “Cyber Hygiene”. Does it ring a bell?
What is Cyber Hygiene? to understand the meaning of this term, I want you to imagine... Imagine the world when people did not care of personal hygiene. Illness were caused way more easily and simple infections became harmful and even deadly disease immediately. Once hygiene principles were implemented, many of those notorious diseases were prevented or at least were limited. Much like physical hygiene, Cyber Hygiene works the same. Taking the same principles and making hygiene routines on your network can prevent common threats and natural risks from becoming a bigger problem.
The Center for Internet Security (CIS) and the Council on Cyber Security (CCS) defines Cyber Hygiene as the actions that protect and maintain IT systems and devices health and improve the cyber security in the best ways. Basically, it means to take care of some basic actions in the network and keep maintaining them as routines in purpose to keep data safe and protected.
Using Cyber Hygiene includes the use of practices and precautions taken in order to keep data organized and secure against theft, outside attack or other ways of losing it.
Why should we implement Cyber Hygiene?
Just as lack of physical hygiene could harm your body, lack of Cyber Hygiene could harm your network.
Lack of security controls or lack of security principals implemented throughout the network will increase the likelihood of business disruptive and data breaches to occur. Here are some examples of risks that can be avoided by implementing cyber hygiene:
- Outdated Anti-Virus expose the network to new viruses and malware.
- Outdated software makes the applications more exposed to attacks and malware.
- lack of effective backup exposes the organization to data lost, when data cannot be recovered.
- Multiple undocumented data storage usage exposes the organization to data lost when data cannot be retrieved.
Now that we understand the meaning of Cyber Hygiene, let's turn it into actionable controls.
What are the first things you should do in order to prevent from getting sick? Are they valid for your network too?
The way we see it, the first thing to prevent illness is to have an overall scan. To your network, it is translated into mapping. Knowing your network is the primary step to implement Cyber Hygiene.
Know your network:
Same as you know what your body habits are (e.g. when to go to sleep, worm-up before practice, etc.), the same goes for your network devices. A detailed and updated mapping and documentation of your network is required in order for you to understand what the weak spots of the network are. In order to achieve that , here are some steps to identify software and devices in your network:
- Create an excel file and split it into separated sheets for each kind of a device. Try to have sheets for computers, users, servers, applications etc. to more granular you ensure, the better understanding you will get.
- Add as many details you can. although annoying, this will pay off later when you start using this inventory as your basics for hygiene.
- Dedicate a spreadsheet to your change log. Create a sheet which will contain a device name, and the changes or problems that occur to the device. It will help you troubleshooting future problems and to recover a device, once a critical failure occurs.
- Highlight devices that have direct connection to the internet. These devices are more vulnerable.
- After you finished documented scrutinize the lists and check if you have unused software and components. If you have doubled services, you should take care of them and deal/get rid of the duality.
- For the advance audience, you can use office Visio to create a network topology diagram. It should include the networks segments, the routers connecting them, the servers and the main pieces of the network’s hardware that are connected to each segment.
- The last step is to check if your documentation is sufficient enough for your needs. Ask yourself if it’s properly organized. Do you think it can help someone with no prior knowledge to understand your network and recover it in the case of disaster?
These are the first steps towards implementing Cyber Hygiene.
Very simple - Start mapping.
On my next post I will continue to share the next recommended hygiene principles to implement. See you all soon.
Need help, feel free to contact us and we will be more than happy to further assist you.
What are these posts?
These posts are the first out of a new cyber security fundamentals series I will write about.
My name is Yoav Berger, and I am a cybersecuirty analyst at CST-360. I started researching cyber-related topics on my military service and I wish to share what I have learned.
Eventually, the goal of our posts is to give fundamental tools, that can be applied immediately and will help anyone who wishes to increase his understanding and knowledge of cybersecurity. I hope this post does that. See you on my next post.
אנולוגיה יפה לעולם ההיגינה האישית מול היגינת הסייבר.
מיפוי באמצעות גיליונות אקסל בסדר אבל דורש מעקב ועדכון שוטף וכאשר מדובר בעשרות שרתים / מערכות זה הופך את זה לקשה יותר ולעדכניות הולכת ופוחתת, כמובן שזה תלוי בי שזה כך.
האם תוכל להמליץ על מערכות / תוכנות אוטומטיות / חצי אוטומטיות שיאפשרו מיפוי מהיר יותר, מערכת/תוכנה שיכולה להיות חלק משגרת פעילות?
Thank you for addressing us with your question.
Bottom line - Its all about your needs and objectives.
There are so many options and tools to facilitate mapping, discovering and monitoring of your data and processes. Some tools are very expensive with many features, some moderate and obviously, some are open source and free.
Let's take it offline and discuss your actual needs.