Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

COVID-19 Is Requiring Us to Implement Cyber Distancing

Reduce Your Risk by Practicing “Cyber Distancing”

Reduce Your Risk by Practicing “Cyber Distancing”

For many of us stuck working from home for most of the year, the lines between work and home activities have blurred. You might not even realize when you’re using your work computer to buy something online or using your personal tablet to respond to work emails at night on the couch. This behavior isn’t new, and has been observed by the security community for years. At this point however, with the COVID-19 pandemic forcing millions of Americans to work from home, the threat level this behavior brings has become unprecedented.

If not kept in check, the behavior caused by these blurred lines can open the doors for hackers, giving them new, potentially unprotected avenues to steal sensitive company data or gain access to your company’s network. To help mitigate the threat, everyone should practice “cyber distancing”. Similar to how social distancing can help prevent the spread of COVID-19, keeping a ‘six foot distance’ between our digital home life and digital work life can go a long way when it comes to safeguarding our most sensitive data, too.

If your company isn’t using some type of virtual desktop technology that segments your home environment from your work, it’s possible you could be exposing your company’s data right now. In Part 1 of this two-part story, I’ll lay out recommendations that will help harden your home network so that the sensitive data you work with day in and day out is treated with as much care as you can provide. 

For some of us, our home networks are outfitted with layers of security, like industrial next generation firewalls, two-factor authenticated Wi-Fi hot spots, and the endless parade of cybersecurity products you can purchase to protect the perimeter. Others however may still be using the same rental router they got from their cable company. I’m willing to bet a portion of those users are still using the same default settings that came with that product, too.

That type of behavior needs to change in a pandemic. Now is the time to distance ourselves from our traditional cyber activities.

Home Network Recommendation

Some of these recommendations are going to sound difficult, but trust me when I say they’re very easy to implement. You just need to access your router’s homepage. Most of the time it’s located at http://192.168.1.1 or possibly http://192.168.0.1. Typically, this information, along with the default password is located on the router itself as well. Once you’ve typed this information into your web browser’s navigation bar, hit enter and it’ll prompt you for a username and password.  

Advertisement. Scroll to continue reading.

• Do not broadcast your Wi-Fi’s network’s SSID. When your SSID, or network name, is broadcasted, that means any neighbor, person walking by, or even some nerd a mile away with a wireless booster antenna can pick up your signal and make attempts to access your network. If broadcasting is disabled, you won’t be as easy a target. 

• Modify Default Passwords – Changing the administrative password on the router is a good idea. Sometimes it comes with a complex password which is good, but it’s even better when it’s something only you know.  

• Set a Strong Password to Access Wi-Fi with WPA2 Encryption – A solid password is typically 20+ characters in length with numbers, letters, and symbols. I know that sounds like a lot of characters but on the plus side when friends are eventually allowed to come over to your house, they won’t be able to use your internet to stream TikTok videos and such. 

• Ensure that Remote Access is Disabled – This setting allows you to control your network remotely but also opens up a backdoor for the bad guys. Ensure this setting is disabled within the configurations; simply look for “Remote Access”. 

• Update your Router’s Firmware – Routers don’t typically come with an auto-update feature but ensuring your firmware is up to date and free of flaws and vulnerabilities is very important. It’s good to check this every six months or so. 

• Harden any Connected IoT Devices – Okay, this one is very important. The prevalence of “smart” everything has led to many of us having a “dumb” network. These smart devices can open up gaping holes in your network, especially since a lot of them come with weak default credentials and custom ports that can notify attackers of their existence. These include devices like webcams made in China. The first thing you should do is update the password with something complex and modify the default ports it listens on. This will require something called Port Forwarding on your router to whatever new port you assigned, but trust me it’s worth it.

If you follow these steps, you’re well on your way to providing the foundation of that ‘six foot distance’ you want to achieve between your recreational online activity and the sensitive work your company entrusts you with. Now that your home network security is taken care of, we’ll need to shift our cyber distancing focus to complete our goal. In part two of my story, we’ll be shifting gears from the physical aspects of cyber distancing to the mental aspects of cyber distancing.

RelatedRemote Work is Not New, but it is the New Normal

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.