Why is it that dentists advise people over and over to floss, yet so few do it? It only takes a minute of your time, yet if you’re running late or feeling tired, you may be tempted to skip it. That is until you remember your upcoming teeth cleaning appointment. There is nothing like the memory of a long and painful visit to the dentist to motivate good dental hygiene. Smart habits today can save you time and money later.
Good habits are also important in cybersecurity. It is typically much cheaper to prevent an attack than to respond to one already in motion. A great example is the WannaCry ransomware attack. Attackers exploited a vulnerability, which resulted in as much as $4 billion worth of damage around the world. The vulnerability had been patched in a security update released by Microsoft one month prior to the attack, so organizations who had installed the latest updates were spared.
Sometimes cyber hygiene advice is ignored because it’s not the new, shiny whiz-bang solution du jour. It’s easier to get attention for a sparkly light-up electric toothbrush than for a plain old piece of dental floss, but that “plain old” floss is key to keeping your choppers cavity free.
With this in mind, we broke out the four best practices of cyber hygiene, outlined in 24th edition of the Microsoft Security Intelligence Report (SIR), to help reduce your risk of attack:
Good security hygiene includes routine policies and procedures to maintain and protect your IT systems and devices:
The principle of least privilege should guide your access control policies. Malicious actors want to take control of the most privileged accounts in your organization, so the fewer people that have them the better. You also should be mindful that even though your company may have a “trusted software only” mandate, employees may unwittingly download unsafe software that can spread “malcode” throughout your organization.
Your organization’s data is often its most valuable asset. If you suffer a security breach or a ransomware attack, a good backup process can save you if your data is destroyed or removed.
Your employees are a constant target of attackers, and many are tricked into downloading malicious software or sharing their credentials. They can also be your first line of defense. A strong cybersecurity education program can turn employees from targets to first responders.
There’s probably nothing that surprised you on this list, but can you confirm with 100 percent certainty that your company is practicing and enforcing all of these cyber hygiene recommendations? Instituting security preventative practices may not be as easy as flossing your teeth, but there are resources that can help.
For more details about these and other security recommendations:
The main components of the Microsoft Intune Suite are now generally available. Read about how consolidated endpoint management adds value and functionality for security teams.
To confidently secure identity and access at your organization, here are five areas Microsoft recommends prioritizing in the new year.
The Microsoft Incident Response team takes swift action to help contain a ransomware attack and regain positive administrative control of the customer environment.
With the coming wave of AI, this is precisely the time for organizations to prepare for the future. To be properly ready for AI, Zero Trust principles take on new meaning and scope. The right endpoint management strategy can help provide the broadest signal possible and make your organization more secure and productive for years to come.
