Good cyberhygiene refers to the essential layers of security that every business should have in place. Even the Crown Jewels we discussed in the previous article don’t circumvent this. This is the minimum essential core of what you should be investing in to help you keep your business running securely. Ultimately, it’s this that will help stop you from becoming a victim of cybercircumstance and yet another breach-report statistic.
Good hygiene is fundamental to the basics of cybersecurity. You need to be asking yourself questions like: Are you running antivirus across your system? Are you backing up appropriately? Are you doing some form of network monitoring and some sort of identity management? Is your firewall configured appropriately to protect and segment your network? Do the people within the environment have only the rights necessary for them to do their jobs? If you’re not doing these things, then you’re putting your business (and your customers’ businesses) at risk.
Maintaining good hygiene means providing defense in depth, or layered security as we term it. Once you’ve measured the risks your company faces—or your customers’ businesses face if you’re a managed service provider (MSP)—these are the things you need to do to mitigate those risks at a basic level. They fall into three categories: proactive security, detective security, and reactive security.
The best defense is to prevent breaches altogether. The four essentials you need to help stop malware from getting in in the first place are:
But prevention is only the first part—when potential threats do crop up, you have to be able to catch them immediately. This means employing:
Solid proactive and detective security measures will enable you to shut down most threats, but the likelihood is that some will still slip through the cracks. If that does happen, you need to be able to quickly recover systems to a safe state, which means you need:
The challenge with good hygiene is that it’s the dull side of security; it’s the “boring” and repetitive things you have to keep doing in order to keep a business running. You need to make sure that if something comes in, you see it. This is the grunt work of security and often the most unappreciated, which sadly means it is often the aspect companies execute poorly.
While it may lack excitement, if you do it wrong, chances are you’re going to get hit. Bad hygiene accounts for a huge number of exploits that have been truly effective. For example, the Equifax® breach of last year was due to a Struts vulnerability not being patched. Good hygiene would have ensured that breach didn’t happen in that way, because the company would have had all its systems patched and up to date.
There is not some shiny new toy or flashy tool that will help you do this, just simple, hard work—and hard work that needs to be done. However, done properly, good hygiene can create a big barrier between companies and their potential adversaries.
Good hygiene is about the basics: performing them right, doing them regularly, and continuing to demonstrate to the customer that you’re doing them. For MSPs, it’s an opportunity to work with companies to help ensure they have the right systems in place and, where possible, to automate the really repetitive tasks to help ensure things don’t get missed.
In my next blog, I’ll be looking at how MSPs can help companies ensure they don’t spread their security too thin.
Tim Brown is VP of Security for SolarWinds MSP. He has over 20 years of experience developing and implementing security technology, including identity and access management, vulnerability assessment, security compliance, threat research, vulnerability management, encryption, managed security services, and cloud security. Tim’s experience has made him an in-demand expert on cybersecurity, and has taken him from meeting with members of Congress and the Senate to the Situation Room in the White House. Additionally, Tim has been central in driving advancements in identity frameworks, has worked with the US government on security initiatives, and holds 18 patents on security-related topics.
© 2018 SolarWinds MSP UK Ltd. All rights reserved.