The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

What is Cyber Hygiene and why is it important?

Download Windows Speedup Tool to fix errors and make PC run faster

Cybersecurity is emerging as a top concern for individuals and organizations worldwide. To address this, Microsoft recently urged companies to conduct cybersecurity awareness training programs and launched a cybersecurity awareness kit that offered simulation-based user training against cyberattacks. It is, therefore, imperative that users follow Cyber Hygiene. Cyber Hygiene refers to the steps taken by a computer user to secure his/her device and keep it running at optimum levels.

cyber hygiene

Just like you keep yourself healthy by following certain hygiene routines, the computer networks you use must be clean and tidy. A healthy network reduces the chance of hacking and provides you with a smooth experience. The post looks at what is Cyber Hygiene and recommends some practices that should keep your computer healthy.

What is Cyber Hygiene

Cyber Hygiene refers to checking that the network your company uses is up to the mark so that there are fewer chances of cybercriminals taking it over (hacking). In other words, cyber hygiene means keeping your computers and network safe and up to date so that it becomes difficult for hackers to access it.

Remember that social engineering is also a method of gaining access to company secrets. It is important to educate employees about possible types of malicious attacks that they may face when working on a corporate or university network. Students should be educated and provided with enough software and hardware tools to keep the network clean and their devices safe and fast.

While hacking a network is of great concern, and security can be tightened, it is also possible, through social engineering, to get one or more of the company’s employees to spill out employers’ secrets. There must be a contract or something that emphasizes both the employee and employer working towards better cyber hygiene.

How to maintain good Cyber Hygiene

How to maintain good cyber hygiene

Ransomware attacks which were rare a decade ago have become common now. Even more, as computers and the IT industry evolves, new viruses and malware are created. The real challenge still lies elsewhere. In a post-corona world, where living with the pandemic and remote working is the new normal, cybersecurity is emerging as a top concern for individuals and organizations across the world. Unlike systems in company offices that were managed under a common secure network and maintained by efficient security teams, work-from-home systems are way more insecure.

  1. Rely on reputed brands for antivirus and malware software
  2. Include a network firewall in your first line of defense
  3. Move from password protection to strong passwords
  4. Make it tougher for hackers with multi-factor authentication
  5. Use device encryption
  6. Protect your wireless network. Secure your router
  7. Clear data carefully and completely
  8. Take data backups regularly
  9. Prioritize regular OS and software updates
  10. Limit the number of users with administrative privileges
  11. Set reminders for infrastructure wellness checks
  12. Use a VPN
  13. Enable two-step authentication
  14. Use powerful passwords
  15. Keep a single Internet source
  16. Train and Educate employees.

In this environment, it becomes essential for both individuals and organizations to maintain good cyber hygiene. By this, I mean that every user must adopt some basic measures to safeguard the health of their computers, devices, and data. I believe that these are the 10 basic rules to ensure cyber hygiene. Let us see what these are.

The 11 rules of Cyber Hygiene are as follows:

Just like in the real world, cyber hygiene is also about using the tools to maintain the wellbeing of both devices and data, following the right procedures thoroughly, and nurturing a routine. In the case of cyber hygiene, this all comes together in the simple guidelines listed below:

1] Rely on reputed brands for antivirus and malware software

With antivirus software demonstrating only a 25% success rate in detecting malware, it is imperative that you always select a trusted brand. It is the first and most fundamental step in ensuring cyber hygiene. Also, remember to be careful while downloading free software.

2] Include a network firewall in your first line of defense

Just like a physical firewall, a network firewall stands between you and the digital world. It could be the best way to prevent unauthorized access to your websites, mail sites, and other sources of information.

The use of a hardware firewall is recommended for cyber hygiene for both – employees and students. Most routers come with one. Enabling it can further strengthen the connections

3] Move from password protection to strong passwords

It is no longer just enough to have a password. It is, in fact, more important to have a strong password. The expected norm is now a unique and complex password that contains at least 12 characters, which combine numbers, symbols, and capital and lowercase letters. You could use these password management tools for the purpose.

4] Make it tougher for hackers with multi-factor authentication

Yet a strong password alone is no longer the last line of defense. Cyber hygiene now demands a second line of defense that includes two-factor or multi-factor authentication features, such as biometrics or fingerprint recognition.

Read: Tips to maintain Windows 10 in good running condition.

5] Use device encryption

Even if your computer or device is compromised, data encryption could still safeguard your data, emerging as your last line of defense. This means that even if you do lose your device, you do not lose your data.  

6] Protect your wireless network. Secure your router

There are several simple steps that you could take to make your wireless network more secure—adopt a complex password, modify the router’s admin credentials and network name, use encryption.

7] Clear data carefully and completely

If you thought regularly emptying your recycle bin removes sensitive information from your hard drive, think again. Now, the regular use of data-wiping software is the expected norm to maintain cyber hygiene. It is the only way to truly ensure that erased data from your hard drive stays permanently removed.

Read: Beginners tips to optimize Windows 10 for better performance.

8] Take data backups regularly

While many of the best practices in cyber hygiene protect the integrity of your data, the disciplined routine of regular system backups on the cloud or an external drive ensures that your information is still available, even if your device is compromised. This necessary routine adds value to all the other safeguards that you might have instituted.

9] Prioritize regular software updates

Out-of-date apps provide easy, potential security holes for hackers. Yet studies indicate that at least 55% of PC software worldwide is outdated. In fact, setting up such a feature to update automatically ensures that your devices and data are constantly updated seamlessly.

10] Limit the number of users with administrative privileges

You need to have most of the Users set at Standard Users and only the bare minimum as Administrators.

11] Set reminders for infrastructure wellness checks

It is not just backups and software updates that must be prioritized regularly. That is why it becomes essential to calendarize other tasks that need to be built into your cyber hygiene routine. This includes scanning for viruses with antivirus software, updating the operating systems of all devices, checking for security patches, wiping the hard drive, and changing your passwords. Together, this sets a routine, ensuring that cyber hygiene becomes second nature to you.

12] Use a VPN

If they are connecting to the office or university network over the Intranet, using a VPN is recommended.

13] Enable two-step authentication

Enable two-step authentication wherever possible. This means you must perform another step after entering the password and ID. Sometimes, you can download an Authenticator app to your phone that acts as step two.

14] Use powerful passwords

You can create powerful passwords using a password manager. You simply memorize the main app password while the app itself remembers and fills in login pages.

15] Keep a single Internet source

Keep a single source from where all employees can access the external Internet. Most company networks are Intranets. This means that a company LAN is created using the Internet and secured by a password and login ID. If any employee uses his own device to connect to the Internet, especially when remote working, it can be a pretty bad mess if hackers use one of their methods to hijack your computer. From there, the entire LAN can be compromised.

16] Train and Educate employees

Train and Educate your employees on how to deal with phishing, social engineering, and similar tactics so that your employees and students don’t leave out any weak point in the company or university network.

We live in a connected, digital world where a single widespread computer virus could cause billions of dollars in damages in a matter of days. At such a time, these 10 simple steps offer organizations and individuals an easy guide on how to safeguard devices and data securely, cost-effectively, and effortlessly. Like in matters of everyday hygiene that safeguard an individual’s well-being, it is certainly better to be safe than sorry.

Read: Cyber hygiene is generally poor, says a report.

AnandK@TWC

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP (2006-16) & a Windows Insider MVP (2016-2022). Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.