This is the digital age, and we rely on our computers and other electronic devices in so many areas of our lives that the need to be proactive and vigilant against cyber-threats has never been greater. To be as secure as possible, we need to practice good cyber-hygiene. So what is cyber-hygiene? It means protecting and maintaining your systems and devices appropriately and following cyber-security best practices.
Key best practices are outlined in the Top 20 Critical Security Controls, managed by the Council on CyberSecurity. These Controls assist in mitigating the most prevalent vulnerabilities that often result in many of today's cyber-security intrusions and incidents. The Center for Internet Security (CIS) provides free, PDF-formatted configuration guides that can be used to implement the Controls and improve cyber-security.
Here are several best practice strategies for strengthening defenses:
Update Your Applications, Software and Operating Systems
Keeping apps, software and operating systems patched will help keep you more secure by providing you with the most recent and secure version. Even though you may be diligent in keeping your software updated, you are still at risk from malware infections. Malware can infect our devices through a variety of vectors, such as compromised websites, malicious attachments in e-mail, and infected USB drives. Strong malware defense is crucial. Anti-virus and anti-spyware software can scan your files for malware, and it should also warn you if you are about to download a potentially malicious file. Update your anti-virus software often.
Securely Configure Your Systems and Devices
Many devices ship with default settings chosen for ease of use rather than security. The resulting vulnerabilities offer easy targets for hackers, who often use automated programs to scan for the holes. To mitigate risk, systems and devices should be configured according to industry-accepted system hardening standards.
Secure Your Browser and Add-ons
Back Up Your Data
Be sure to back up your important data so you can retrieve it if your system fails. Most operating systems provide backup software designed to make the process easier. External hard drives and online backup services are two popular methods for backing up files. Remember to back up data at regular intervals and to review the backups periodically to confirm that all your data has been backed up accurately.
Secure Your Wireless Network
Before the days of Wi-Fi home networks, it was rather easy to see who was linked into your home network; you would simply follow the wires. You wouldn’t allow a stranger to connect to your wired network, so check to see who is connected to your wireless network. The first step is to lock down your wireless network with a strong password and encryption. This will prevent people who don’t have the password from connecting to it.
While there are now few wires to follow, you can still find digital breadcrumbs that show who is connected to your network. Connect to your router to see who the clients are. Are there more devices connected to your network than you expect? If there are devices you don’t recognize, change your security settings and passwords. Don’t forget about printers that are Wi-Fi enabled and can connect to your network.
Protect Your Administrative Accounts
Administrator or "admin" accounts give a user more control over a computer than a typical user account. If an intruder accesses an admin account, they could own your computer. Non-administrator accounts, or guest accounts, can limit what someone who gains unauthorized access is able to do. It is vital to change the default password on your admin accounts and to always log on to your computer with a non-administrator account.
Another aspect of protecting admin accounts is changing the default passwords on your devices. Many default passwords are published on the Internet, so be sure to change them to something unique and strong. Default passwords are especially prevalent in routers.
Many computer defaults are set for ease-of-use, which is convenient not only for users, but also for cyber-criminals. Cyber-criminals can use weak or unnecessary services as a first step to compromising your devices. Many computers and routers already come with a firewall installed to prevent malicious access to these services. It is recommended that you set the firewall to the most secure level you think is appropriate: if this is a laptop you will use for traveling and connecting to public networks, it is recommended that you choose the strictest level of security and only allow exceptions for services you need. You can always relax the controls if you feel you are making safe decisions.