Cyber Hygiene and Why You Need It

Cyber Hygiene 

Kristen Stewart

University of Findlay

The Cloud. 

Lately it is everywhere. My company has started to unroll various "cloud" upgrades. We access our programs from online and have access to programs other departments use, all in one singular location. It has made cross-department discussions a lot easier because not everyone looks at you blankly, having no idea what program you're referring. I might not use it, but hey I have seen it on the homepage, so talk to me. 

Something happened at work a few weeks ago, and I didn't pay a whole lot of attention to it, until I started reading about the Cloud in our textbook, Using MIS (Kroenke, Boyle 2016).  Not only have I learned more about what my own company is doing, I have learned that I need to practice better cyber hygiene. 

Yes, cyber hygiene. It is a thing. A big thing. 

A mass email shoots out from corporate 2 weeks ago and all hell broke loose. We were attacked with Ransomware. I had no idea what that meant and, at first, did not care for an explanation. Until I couldn't access any of the programs I usually use and the tech team is emailing every hour, The servers go offline to treat some part of the attack and then come back online for a short period. It was crazy. 

It took 2 days to clean it up. We were given a play-by-play from the system administrators every hour. I thought it seemed excessive, but now I understand what was happening.It was just like the movie World War Z. What does a movie about zombies have to do with cyber attacks? Cyber hygiene. 

Brad Pitt fights off zombies to answer one question---who is patient zero? Because, in order to find a cure, you need to know where it started. Well, the tech team gave timeline updates to inform all of us about patient zero. Patient zero has crappy cyber hygiene. They clicked that infectious disease right into our company and the thing spread like wildfire. 

I researched a list of tips to clean-up my act (pun intended). Check them out (courtesy of Institute for Critical Infrastructure Technology):

Practice comprehensive cyber-hygiene

1. Do not follow suspicious links or open attachments from unknown contacts.
2. Rely on complex and memorable account credentials.
3. Deploy privacy protections under the settings page of social media accounts.
4. Hover the cursor over a link prior to clicking to ensure that the URL matches the hyperlink.
5. Install ad-blocker and do not track browser extensions, such as AdBlock and DoNotTrack

I don't know all the tricks and ploys of attackers, but they don't stop. Attacks aren't always caused by user malpractice, but I am going to help prevent it by implementing these guidelines. 

Our book discusses the pros and cons of Cloud services, and cyber attacks are a negative possibility, but with good cyber hygiene and open communication, being apart of The Cloud is a huge business advantage.

Kroenke, David M. & Boyle, Randall J. (2016) Using MIS. Pearson

Scott, James (May 16,2017) Recommendations for Preventing Ransomware Exploitation. Retrieved from http://http://icitech.org/recommendations-for-preventing-ransomware-exploitation/