How We Improved Cyber Hygiene Across All Departments
Cyber attacks don’t knock – they zoom in unexpectedly.
I knew we were no better than our weakest link.
Here’s how I put an actionable, no-jargon cyber hygiene improvement plan into action in all departments.
1. Created Department-Wise Awareness Checklists
- Different teams pose different threats.
- So, instead of a one-size-fits-all policy, use customized checklists for Dev, writers, designers, and HR.
- Every checklist covered the top 5 behaviors that would lead to data leaks or breaches in their respective groups.
2. Rolled Out 2FA Across All Internal Tools
- Our emails, project tools, and HR portals: everything needs to have Two-Factor Authentication.
- It was a small setup process with a gigantic payoff.
3. Ran Two Mock Phishing Drills
- This was a wake-up call.
- Staff clicked on the suspicious link.
- The lesson learned? Fear loses to awareness every time.
4. Cleansed Unused SaaS Apps With Insecure Permissions
- Live SaaS tools are still connected to infrastructure and still have access, although most are unused.
- Revoked outdated permissions, reviewed vendor access, and rolled up services.
5. Educated Staff on Password Managers & Secure Practices
- Several staff members are using the same password across many apps.
- Now they’re generating and storing secure, distinct passwords easily.
The Outcome?
- Fewer support requests
- Less accidental data disclosure
- Greater trust in the team to handle suspicious emails
- But most importantly, cybersecurity was no longer a policy; it was a team culture.
Your Turn:
Cyber hygiene doesn’t take a budget — it takes commitment.
Did you recently run a phishing test or train your team on 2FA?
Roshney Asked question 4 hours ago