Guidance

Spring is not just a good time for cleaning your home; it’s also a good time to review your cyber hygiene.

With the ever-evolving cyber landscape, it’s good to conduct a review of your systems and processes to ensure you have implemented the cyber defences relevant to your business. Throughout the year, you extend your digital footprint by paying bills, shopping, using social media, and many other digital activities, whether personal or business.

We have developed a checklist to help you spring clean your technology and digital footprint.

Cyber spring clean your business

  1. Review your business continuity and incident recovery plans, ensuring both are up to date.
  2. Update and enable your password policy to include the latest guidance from the National Cyber Security Centre.
  3. Review your network access controls, ensuring they are relevant and suitably implemented.
  4. Review your information sharing policies to prevent accidental data breaches.
  5. Consider implementing Cyber Essentials or ISO 27001 into your network model and ensure you regularly check your CISP account for updated information.
  6. Consider deploying network penetration testing to establish any unknown vulnerabilities.
  7. Scan for and delete any irrelevant data no longer required by the organisation.
  8. Enable staff cyber awareness training to better protect the organisation from cyber incidents.
  9. Review and amend administrative authorities throughout the organisation.
  10. Establish and evaluate the backup policy and arrangements to ensure they comply with current National Cyber Security Centre guidance.

Cyber spring clean your personal accounts

  1. Change all your passwords, including default passwords, to follow the current recommendation of 3 random words.
  2. Create new and separate email accounts for banking, social media, shopping online and personal correspondence.
  3. Don’t include personal details in your email account address, e.g. [email protected]
  4. Close old applications or accounts that you are no longer using.
  5. Use the junk folders in your email to block scammers from contacting you.
  6. Enable multi-factor authentication wherever possible.
  7. Wi-Fi: when you are on the go, don’t connect to the Internet using unknown hotspots; instead use your mobile 3G, 4G or 5G network, which has built-in security.
  8. Check that your security, privacy and location settings are set appropriately for the application being used.
  9. Save your important data/images to an external drive or cloud to restore the data if your device is compromised.
  10. Make sure all applications, operating systems, and devices (computers, phones, tablets, smart devices, TVs, etc.) are set to automatic updates.

Information from Police Scotland Cybercrime Harm Prevention Team
