Cyber Hygiene and Best Practices

Table of Contents

A Secure Daily Routine for Your Business

Continuing from the implementation of your digital asset mapping, it is crucial to anchor cyber hygiene into the daily routine of your company. Here is a selection of measures recommended by ANSSI for effective cyber defense, which are quite logically found in the measures that will gradually become mandatory under NIS2:

1. Protect your workstations:

Every workstation must be secured. This means installing threat detection software (EDR), which acts as an alarm anticipating any attempt at intrusion. Disk encryption is like a safe that keeps your confidential information away from prying eyes, even in case of hardware loss or theft. Remote workstation management ensures that you can always control who has access to what, no matter where the equipment or person is located.

2. Strengthen your digital identity:

Active Directory and Single Sign-On (SSO) function as a single control point for access permissions, reducing complications while enhancing security. Multi-factor authentication (MFA) requires multiple forms of identification before granting entry – a key, a code, a fingerprint – adding an extra layer of verification that deters intruders and typically uses multiple devices to reduce risk.

3. Educate your teams:

Cybersecurity training is crucial. It's akin to teaching everyone first aid in case of a security incident. Start by training teams that handle the most sensitive data, so they can recognize and react appropriately to alarm signals and refrain from placing sensitive information on tools that third parties may access (authorized or not).

4. Control access during team changes:

Onboarding and offboarding procedures must be very meticulous. Every tool, every level of access must be reviewed and adjusted to ensure that only the right people have access to various IT tools in your company.

5. Apply the principle of least privilege:

Grant access to company resources only based on necessity. It's a bit like not giving access to the finance department to someone working in production. Combined with MFA, it becomes a cross-checking system to ensure that access is always justified and secure. And it significantly reduces your attack surface, without additional tools.

6. Choose secure remote work tools:

Choosing secure remote communication tools is fundamental today. Your audit should particularly concern video conferencing solutions, messaging platforms, and file-sharing systems, which are essential for maintaining productivity but must preserve the integrity of your data.

Adopting these best practices should not be perceived as a burden but rather as the integration of a healthy lifestyle for your organization. In this way, every member of the company contributes to collective security, thus creating a resilient digital workspace ready to face cybersecurity challenges.

Next week, we will gradually delve into a slightly more complex yet absolutely fundamental measure, namely ensuring the business continuity of your company in the event of a major cyber or IT crisis."

Return to Resources ->