Cyber Hygiene

Practices for Organizations

Take any necessary steps to secure systems that enable remote access, such as:

  • Test the current capacity of secure remote access solutions and increase the capacity if necessary.
  • Ensure that business continuity plans are up-to-date.
  • Increase the awareness of IT support mechanisms for employees who work remotely and clearly outline the steps to take in the event of a security incident.
  • Update Incident Response plans to consider workforce changes in a distributed environment
  • Ensuring Virtual Private Network (VPNs) and other remote access systems are fully patched.
  • Enhancing system monitoring to receive early detection and alerts on abnormal activity.
  • Implementing multi-factor authentication (MFA).
  • Ensuring all machines have properly configured firewalls, as well as anti-malware and intrusion prevention software installed.

Practices for the Workforce

  • Review Tips on Avoiding Social Engineering and Phishing Scams for more information on recognizing and protecting against phishing.
  • Review the Federal Trade Commission’s blog post on Coronavirus scams for information on avoiding Coronavirus related scams.
  • Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about Coronavirus .
  • Avoid clicking on links in unsolicited emails and be wary of email attachments.
  • Do not reveal personal or financial information in emails, and do not respond to email solicitations for this information.

We recognize the imminent threat posed by Coronavirus to not only the health of the general public but on business operations as well. Therefore, it is critical that business leaders take any necessary steps to ensure that business operations continue as close to the norm as possible.

While this article has been republished in response to Coronavirus/COVID-19, these ought to be standard procedure on any given day.

Fan of the show?

If you have any questions you'd like to ask or would like to be a guest on the show, use one of the buttons below.

Copy of cover V.21

Plans are useless but planning is indispensable and crisis will reveal how you operate.

Join me as I discuss ongoing cybersecurity incidents, trends and best practices to help information security professionals catch threats before they become incidents.


  • Contact

  • Spotify

  • Apple Podcast

  • YouTube Channel