Cyber hygiene might not be a term you're familiar with, but chances are you know at least some of the practices that make up the overall process. Simply put, it's a set of common practices to reduce the likely attack surface that cybercriminals target. This improves security while also reducing the amount of sensitive data that's exposed if an attacker does get through your defenses.

It's important to know that cyber hygiene is a lifelong process, just like any other type of cleanliness. The habits you learn will keep your data safe, and there's always something new to figure out and incorporate, from open-source backup programs to using password managers for strong, unique passwords for all your accounts. Practicing good cyber hygiene includes backing up important data, keeping your devices and software updated, and knowing what a phishing attempt or other type of potential scam looks like.

Set up regular backups

Follow the 3-2-1 rule and use reliable storage solutions

Backing up your critical data is one of the key tenets of cyber hygiene. This ensures that you have pristine copies of your data to recover from if the worst happens, giving you peace of mind. Even your home lab experiments, short-lived as they may be, should be backed up, even if it's simply so you can re-run the same experiments for testing purposes.

Long-term storage, such as your NAS, should also be backed up properly. If you've only recently started centralizing your storage, you might not have that much on it yet. But think about how much personal data, photos, and documents you'll amass over years of storage, and your digital storage starts to look very much like a digital copy of your life story, and that's worth protecting at all costs.

Don't forget about the cloud

Cloud storage providers are a perfect place to put petabytes of personal data, provided you choose the correct one. I don't mean short-term cloud sync, like Dropbox, OneDrive, or iCloud, because those are synced to your devices, and that means your backups aren't really backups. But Amazon S3 Glacier, Azure Blob, or Backblaze are all good candidates for storing encrypted backups for long-term storage, the types of archival files that you don't need to access often but are glad they're backed up somewhere safe.

Ransomware and other threats are everywhere

It'll never happen to you, until it does, of course, and then it's too late

Threats are everywhere online these days, helped by mostly automated tools that find targets for hackers to hone in on. You wouldn't leave your doors unlocked in the city, and, likewise, good cyber hygiene helps to stop all but the most determined attackers before they become an issue. This could be not clicking on suspicious links, or opening email attachments unless you're waiting for someone to send you a file.

Use a password manager, because it's about time you stopped reusing the same password for all of your online accounts. This not only protects your other accounts if one gets hacked, but the password manager will have another strong password to get into, your passwords will be stored encrypted, and you can use MFA or other secondary security options to further secure your vault.

Storing your backups encrypted makes them less of a tempting target. If you use a backup solution that offers immutable backups, like Azure Blobs, any malware or ransomware won't be able to modify or encrypt your files even if it gets to them. Use antivirus software, even Windows Defender is decent these days, but make sure it's actually running.

Using access control methods on your backup solutions will further reduce your risk by allowing only certain people or even certain devices to access them. Use a hardware firewall, preferably one with Zero Trust principles behind it, which will reduce the spread of any malware should you let your guard down and click on something you shouldn't have. And keep your devices and software packages up to date, especially any of them that connect to the internet. That will cut off common attack surfaces and keep your network safer.

Keep yourself educated

Knowledge of the risks is essential when designing backup strategies

The best way to keep your cyber hygiene spotless is by educating yourself and the people around you. Phishing emails are getting much better at cloning official communications, phone calls can be spoofed from local numbers, and no, that Steam link is not going to give you $50 for free.

Keep a checklist of common cyber hygiene practices, even once you have taken them all to heart:

• Use MFA, 2FA, security keys or other secondary login methods
• Use a password manager
• Make your Microsoft account passwordless and use the Microsoft Authenticator app
• Check for frequent software and firmware updates
• Set up automated backups and test their integrity and restore processes regularly
• Run antivirus checks regularly
• Use firewalls and IDS/IPS tools
• Set up network monitoring
• Audit your systems and procedures on a regular basis

It might look like a lot of work, but most of these are automated or no more difficult than remembering your login details once set up. They're certainly easier than trying to reclaim your digital identity if stolen, or trying to recover data from a catastrophic loss without backups.

Practicing digital hygiene is essential for protecting your data and its backup copies

While regularly backing up your data is only one aspect of digital hygiene, practicing the rest of it together keeps you and your private information safer. Learning about the possible risks and how they change over time is a proactive defense against cyberattacks, and if you're following a secure, encrypted backup process, your data resiliency will enable to recover in case of unforeseen events.