Skip to content

8 Good Cyber Hygiene Tactics to Keep Your IT Humming

Keep Your IT Humming with These Cyber Hygiene Tactics

Maintaining a healthy and secure IT environment is crucial for any organization. Just like practicing good personal hygiene keeps us healthy, adopting strong cyber hygiene tactics ensures the smooth functioning of your IT infrastructure. Whether you’re a small business owner or part of a large enterprise, implementing these eight essential cyber hygiene tactics will help keep your IT humming and safeguard your valuable digital assets.

Server and Network Management Basics

Server and network management can be a daunting task for many, regardless of administrative experience. 

There are a few key baseline areas to focus on as you mature through IT progression. 


First Things First

The management of your devices should begin as soon as they hit the loading dock. It all starts with asset management.


Asset Management

Asset management should be at the core of your management strategy. Asset management documentation should contain, at a minimum: 

– Location of the device 

– Device manufacturer 

– Serial number of the device 

– Warranty information 

– System owner contact information 

– System administrator contact information 

Other good items to include: 

– Base Operating system version 

– Hardware installed such as CPU, RAM and port capacities, installed and available 

– ROM or BIOS version and configuration 

This data can assist in planning device lifecycles and when doing financial allocation and depreciation. It can be held in something as simple as a spreadsheet or as complex as an asset management system. 


cyber hygiene tactics

Configuration Management 

Configuration management is just what you might think. It is the collection of the past and present configuration of a device. This data is typically managed with a configuration management database or system. It contains items such as: 

– Operating system version and patch levels 

– Third-party applications and plug-ins and version 

– Hardware configuration including RAM, CPU, Network Interface Cards (NIC) and other installed components. 

– IP addresses 

– Connected devices

– Switch port speeds and duplex 

The list of items tracked, known as Configuration Items (CI), should include everything so that you can effectively and efficiently manage your devices. 

Why is this data important? It is important because it helps you ensure your systems are up to date.  It can help troubleshoot a problem caused by a recent change or assist during a disaster when you need to replace and recover a failed component.


Change Management 

Change is the addition, modification or removal of anything that could affect your IT devices and services. Change management is the process (the rules) that governs how change happens. 

The scope of change management should include all IT services, CI’s, technical processes and related documentation. This data is stored in a change management database (CMDB). 

Any changes made in the environment should start with a Request for Change (RFC). An RFC is a formal proposal for a change to be made in change management. An RFC includes all the details of a proposed change and can be recorded by either paper or electronic means. More mature organizations use software tools to track and manage these requests. 


Types of Change

There are three main types of change in change management: Standard Change, Normal Change, and Emergency Change.

Standard Change

A standard change is a pre-approved change that is low risk, relatively common and follows a defined procedure or work instructions. For instance, the password change of a user every three months is a good practice. It is common, and when the user follows the instructions, they can change the password easily. 

Standard changes do not require an RFC to be submitted. Standard changes are logged and tracked using different mechanisms within the change management process. These changes are typically logged as a service request and are managed by the service desk. 

Normal Change

Normal change is every change that is not classified as a standard or emergency change. If a new feature has been introduced for a new service or existing service has been updated, this is an example of a normal change. For instance, a software update or addition is an example of normal change classified in change management. 

Emergency Change

The third type of change is emergency change. Instead of extending an existing service or introducing a new service, emergency changes are initiated generally to solve a major incident or implement a security patch. Emergency changes must be introduced as soon as possible. For example, if a security exploit has been identified that can harm the company, customer data, or reputation due to data loss or leakage, this is a critical issue and must be fixed immediately. 

The change management process will normally have a specific procedure for handling emergency changes. Normal change procedure can be more bureaucratic and can take time to get all approvals to implement them, but because since emergency changes must be implemented as soon as possible, there can be faster and specific procedures or checklists for handling emergency changes.


Catch a CAB

The Change Advisory Board (CAB) is a group of people that advises the Change Manager in the assessment, prioritization, and scheduling of changes during the change management process.
The change manager is the ultimate responsible person for coordinating, organizing, prioritizing, and managing changes in an IT service provider. However, several departments, stakeholders, and organizations interact with IT Services in service delivery. 
 So, when managing and implementing changes in the IT services, representatives of these departments or organizations advise the change manager. For example, a department using a service can advise the change manager on what happens if the change does not happen successfully. The CAB usually consists of representatives from IT Services, Business, Suppliers, and Partners. 
The Emergency Change Advisory Board (ECAB) is a sub-set of the change advisory board who make decisions about high impact emergency changes. Let’s consider the example we gave previously. Suppose you have been notified that there is a security leakage in the system.  
After developing the security fix for this issue, and to implement this change, an immediate meeting is organized to get the stakeholders’ opinion about this emergency change. 
Membership of the ECAB depends on the nature of the emergency change and may be decided when a meeting is called. Only the relevant stakeholders are called to the mee ting to notify the change. However, in normal changes, the change advisory board comes together regularly to advise the change manager appropriately. 

Good Cyber Hygiene Tactics to Implement

Last, but certainly not least, it is important to remember to take care of small housekeeping details to keep your devices humming. Here are some critical but easy ones. 

1. Review logs – Check logs on your devices to ensure that the system and security are not providing obvious red flags. Having an event monitoring tool makes this task easy and provides granularity on important events occurring. 

2. Archive logs – Logging takes up a lot of space. Ensure that you save these logs to long-term storage regularly so you can still review them if needed. 

3. Maintain separate admin accounts – Do not give administrative privilege to an administrator’s daily account. Assign complex passwords and controls to these accounts. On devices, create accounts specific to that device for both reporting and administrative functions. 

4. Service accounts – Create separate service accounts on servers that are members of the domain and not local. Ensure a complex password is used, and proper controls to the accounts are followed. 

5. Antivirus/AntiMalware – If possible, use centralized management and reporting for this software. Aside from real-time protection, make sure to schedule a routine task to do a deep scan. 

6. Service packs, patches and updates – Threats are evolving on an hourly basis. Have a process or use a tool that keeps your devices in sync with the latest critical updates. 

7. Device monitoring – Use the manufacturer’s tools or consolidated monitoring to know when devices are down, have heavy RAM or CPU use, run out of storage space, or experience network flooding. 

8. Backup critical data – Perform regular backups of your data and system states. Keep local and offsite/cloud-based copies of this data in the event you may need to restore. 


As you have read, both documentation and good operational discipline are mainstays to a more reliable and predictable IT environment. It is never too late to start implementing good cyber hygiene tactics, and the process is continuous. 

We at Edge Networks know that when managing your IT, there can be a lot of moving parts and potential pitfalls Remove the burden of managing your IT with our flat-fee IT managed services programContact us to schedule a free, 30-minute consultation today.


Related Blogs