Axonius
Cyber Hygiene
Top  

Improve Your Cyber Hygiene

Automating Asset Management for Better Cyber Hygiene

what is cyber hygiene?

Cyber Hygiene Cyber hygiene is the ongoing process and discipline required to ensure that all assets adhere to the cybersecurity protections outlined in an organization’s cybersecurity policies.

Similar to personal hygiene (brushing teeth, washing hands, bathing, etc.), cyber hygiene refers to all proactive steps taken to reduce the risks of infection related to devices and the underlying data. Cyber hygiene practices can be as simple as ensuring that laptops are running the most up-to-date version of their operating system and as complex as automatically patching, blocking, or updating systems.

top 5 cyber hygiene challenges

While the personal hygiene metaphor helps to explain the main idea, the comparison breaks down quickly when looking at the challenges related to cyber hygiene. The following are just 5 of the top challenges related to cyber hygiene:

1. Lack of visibility into devices

With personal hygiene, it’s likely that there is no problem locating the hands that need washing. But with cyber hygiene, simply having the visibility into all assets is a massive challenge.

The increase in the number and types of devices in our corporate environments has made it difficult to answer the most basic question: how many devices do I have, and are they secure?

Between unmanaged devices, cloud instances, and personal devices that have access to corporate data, just having a comprehensive inventory becomes a challenge.

2. Poor understanding of security solution coverage

When companies are able to solve the visibility challenge, they can then move on to cyber hygiene challenge 2: understanding security solution coverage.

Organizations spend time, effort, and dollars implementing security and management solutions to address every kind of device and user. Just a few examples:

  • Endpoint Protection Platforms
  • SIEM Solutions
  • Cloud Infrastructure
  • Mobile Device Management
  • DNS Management
  • Directory Services
  • IAM/PAM

Just to name a few. For a full list, see Axonius Adapters.

Without understanding where security solutions are both installed and active, coverage gaps exist. Until you can uncover gaps in security solution coverage, good cyber hygiene is impossible.

3. Inability to prioritize vulnerabilities

There will always be vulnerabilities, and it is highly likely that there will always be more vulnerabilities than resources to address them. This makes prioritization essential when it comes to including vulnerability management as part of a cyber hygiene program.

Prioritizing vulnerabilities to increase cyber hygiene
Finding devices with critical vulnerabilities in Axonius.

Understanding which devices have critical vulnerabilities lets security teams understand severity, thereby helping teams prioritize what needs to be addressed.

4. User access, PAM and offboarding

In addition to the device side of cyber hygiene, understanding which users have privileged access and continually verifying permissions is a necessary component of any cyber hygiene program.

A few examples of user-related queries that should be part of a cyber hygiene initiative:

  1. AD Enabled Users with Bad Configurations – Any user with either a password set to never expire, no pre-authorization required, no password required, etc.
  2. Users with Devices Not Seen in X Days – Any user with a device that has not been active in a given timeframe
  3. Admin Accounts with Old Passwords – Any admin user that hasn’t changed a password in a given timeframe.
  4. Users with Bad Logins – Users that have tried, but failed to log in over the past 7 days.

5. Managing Cloud Assets and IoT Devices

Finally, two types of assets have a tendency to trip up cyber hygiene initiatives: cloud instances and IoT devices.

Cloud Instances and Cyber Hygiene

As organizations move more and more to the cloud, they often find that the security and management solutions that protect their on-premise and network devices don’t necessarily translate to the cloud.

One good example is the use of Vulnerability Assessment tools. These scanners do a fantastic job of scanning devices on a network to find which vulnerabilities are present. But the dynamic nature of cloud instances and their short lifespan often means that VA tools simply don’t know that a new cloud instance exists, so it is never scanned.

IoT Devices and Cyber Hygiene

IoT devices present another challenge to security and IT departments when it comes to cyber hygiene. With thousands of always-on, always-connected devices hitting our networks, these devices are unmanaged and therefore often are not part of security policies.

A great recent example of IoT Devices and the challenge around cyber hygiene can be seen in our post “The NASA JPL Hack: Why Asset Management Matters in Cybersecurity

Controls and Regulations Related to Cyber Hygiene

CIS Controls 1 & 2

The Center for Internet Security (CIS) lists a prioritized set of actions to protect organizations from known cyber attack vectors. Known as the CIS 20, the list is broken down into:

  • 6 Basic CIS Controls 
  • 10 Foundational CIS Controls
  • 4 Organizational CIS Controls

The most basic controls, CIS 1 and 2 deal with the following cyber hygiene practices:

CIS Control 1: Inventory of Authorized and Unauthorized Devices

“Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.”

To achieve CIS Control 1, the Center for Internet Security highlights 3 key steps:

  1. Identify all devices
  2. Document the inventory
  3. Keep the inventory current

CIS CONTROL 2: Inventory of Authorized and Unauthorized Software

“Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.”

To achieve CIS Control 2, the Center for Internet Security requires you to:

  1. Identify and document all software
  2. Develop a whitelist of approved software
  3. Manage the software on the system through regular scanning and updates

Asset Management and Cyber Hygiene

The Axonius Cybersecurity Asset Management platform helps organizations implement, monitor, and automate their cyber hygiene programs by doing exactly 3 things:

  1. Giving customers a credible, comprehensive asset inventory – Visibility into all assets, devices, and users, on-premise and in the cloud.
  2. Uncovering security solution gaps – Automatically finding any asset that is not adhering to the overall security policy.
  3. Automating security policy validation and enforcement – Using triggered actions to make sure all assets meet policy requirements

For an overview of the Axonius platform, see the following video:


Use Cases

Visibility for Patch Management

At its core, patch management is a discipline that combines both knowledge and action. It requires IT and security teams to understand which devices are known and unknown, the version and subsequent vulnerabilities of software being used, and the impact of change.

Learn More

Increased Security Solution Deployment

You've purchased the perfect security solutions to fit your needs, but are the deployed everywhere they should be? Understand where solutions are missing and maximize your security investments. 

Learn More
LET US PROVE IT.
Watch the 2 minute demo.

See for yourself.

Interested in seeing what Axonius can do for your organization?

Schedule a demo and let us show you

Additional Resources