We’re hearing a lot these days about the need for strong and consistent enterprise IT hygiene in cybersecurity. Good. What is that, anyway? An IT hygiene definition should start with the meaning of “hygiene,” which comes from the Greek “hygieine techne.” It means “the healthful art.” Enterprise IT hygiene is crucial if you want to maintain a good security posture.
What is IT hygiene?
Hygiene in human beings refers to staying clean and doing regular healthy activities, like brushing your teeth and washing your hands, to avoid getting sick or infecting others. With computers, which we have anthropomorphized to a great extent, we apply the concept of hygiene to tasks like cleaning memory caches and defragging hard drives. Just as brushing your teeth keeps you from developing cavities, a defragmented disk keeps your device “healthy” and running well.
IT hygiene vs. cyber hygiene
Basic IT hygiene is about making sure that systems run well. It’s about ensuring high availability and data integrity. Cyber hygiene applies the concept of hygiene to security processes like running virus scans and rotating passwords, to keep IT free from “infection” by malware or other pathogen-like entities like APTs.
Most security countermeasures have an associated cyber hygiene practice. Examples of sticking to a healthy security routine include:
- Patching — If you have a policy of patching (and you should), it’s a good idea to make patching a regular practice, a sort of “wash your hands before you eat” thing where you never wait too long to apply a patch.
- Endpoint protection — It’s not enough to define a policy of endpoint protection but then follow through on enforcement inconsistently. Endpoint protective measures can degrade easily, leaving end users vulnerable to attacks which can then spread across the network as attackers move laterally. It’s essential to make the execution, audit and remediation of endpoint protections a recurring process.
Controls only work if they’re constantly being checked to ensure they’re performing their designated tasks. For example, you may have a control declaring that user accounts must be deleted after the user leaves the organization. However, unless you check on a regular basis, you will almost certainly have “ghost users” who make you vulnerable to cyber security attacks.
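The recurring check described above can be a small reconciliation job. This is an added example, not code from the article or from XM Cyber; the record layout, field names and sample data are constructed assumptions standing in for an HR export and a directory listing.

```python
from datetime import date

# Constructed sample data (assumption): HR departures and directory accounts.
HR_RECORDS = {
    "alice": {"left_on": None},
    "bob": {"left_on": date(2024, 1, 15)},
    "carol": {"left_on": date(2024, 3, 1)},
}
DIRECTORY_ACCOUNTS = [
    {"user": "alice", "enabled": True, "last_login": date(2024, 3, 9)},
    {"user": "bob", "enabled": True, "last_login": date(2024, 2, 20)},
    {"user": "carol", "enabled": False, "last_login": date(2024, 2, 28)},
    {"user": "svc-backup", "enabled": True, "last_login": date(2024, 3, 8)},
]


def find_ghost_users(hr, accounts, today):
    """Return (user, reason) for accounts violating 'delete after departure'."""
    findings = []
    for acct in accounts:
        name = acct["user"]
        record = hr.get(name)
        if record is None:
            # No HR owner: nobody can confirm the account is still needed.
            findings.append((name, "no HR record (unowned account)"))
            continue
        left = record["left_on"]
        if left is None or left > today:
            continue  # current employee, control not triggered
        # The control requires deletion, so any surviving account is a finding;
        # the reason ranks how urgent the follow-up is.
        if acct["last_login"] > left:
            findings.append((name, "used after departure date"))
        elif acct["enabled"]:
            findings.append((name, "still enabled after departure"))
        else:
            findings.append((name, "disabled but not deleted"))
    return findings


if __name__ == "__main__":
    for user, reason in find_ghost_users(HR_RECORDS, DIRECTORY_ACCOUNTS, date(2024, 3, 10)):
        print(f"{user}: {reason}")
```

Run on a schedule, the output is the audit evidence for the control: an empty list means it held for that period.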
Attackers use attack techniques and methods that circumvent most cyber defenses, often by employing legitimate tools and leveraging real users. Fortunately, there is a simple solution to address this problem.
How attack path management helps with both cyber and IT hygiene
IT hygiene affects everyone in an organization. IT has its share of responsibilities. SecOps does as well. Every employee has certain IT hygiene duties, too, like not leaving passwords written on post-it notes and so forth. How will you ever know if everyone is doing their part? How will you know that certain IT practices create holes for attackers to move laterally in the organization?
That’s where attack path management enters the picture. XM Cyber’s attack path management platform allows you to verify whether people are following the IT hygiene routines.
It does this by conducting an automated cyber-attack simulation that illuminates all of the potential attack paths that adversaries can use to jeopardize your critical assets. It probes your network and devices, looking for security holes (such as misconfigurations and unpatched servers) that can be exploited to successfully breach your defenses.
XM Cyber can even spot subtle and easy-to-miss problems like cached passwords to privileged accounts, administrative sessions where the user has gone but left the connection open, and other common IT hygiene problems. It can simulate attacks from any part of your environment with a focus on critical assets, provide security posture scoring and offer a truly comprehensive view of mitigations. XM Cyber provides prioritized, simple-to-follow remediation, significantly improving the security posture and IT hygiene of the organization. This means attack path management is one of the most effective ways to maintain a constant vigil on IT and cyber hygiene practices.