Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

COVID-19 Is Requiring Us to Implement Cyber Distancing

Reduce Your Risk by Practicing “Cyber Distancing”

Reduce Your Risk by Practicing “Cyber Distancing”

For many of us stuck working from home for most of the year, the lines between work and home activities have blurred. You might not even realize when you’re using your work computer to buy something online or using your personal tablet to respond to work emails at night on the couch. This behavior isn’t new, and has been observed by the security community for years. At this point however, with the COVID-19 pandemic forcing millions of Americans to work from home, the threat level this behavior brings has become unprecedented.

If not kept in check, the behavior caused by these blurred lines can open the doors for hackers, giving them new, potentially unprotected avenues to steal sensitive company data or gain access to your company’s network. To help mitigate the threat, everyone should practice “cyber distancing”. Similar to how social distancing can help prevent the spread of COVID-19, keeping a ‘six foot distance’ between our digital home life and digital work life can go a long way when it comes to safeguarding our most sensitive data, too.

If your company isn’t using some type of virtual desktop technology that segments your home environment from your work, it’s possible you could be exposing your company’s data right now. In Part 1 of this two-part story, I’ll lay out recommendations that will help harden your home network so that the sensitive data you work with day in and day out is treated with as much care as you can provide. 

For some of us, our home networks are outfitted with layers of security, like industrial next generation firewalls, two-factor authenticated Wi-Fi hot spots, and the endless parade of cybersecurity products you can purchase to protect the perimeter. Others however may still be using the same rental router they got from their cable company. I’m willing to bet a portion of those users are still using the same default settings that came with that product, too.

That type of behavior needs to change in a pandemic. Now is the time to distance ourselves from our traditional cyber activities.

Home Network Recommendation

Some of these recommendations are going to sound difficult, but trust me when I say they’re very easy to implement. You just need to access your router’s homepage. Most of the time it’s located at http://192.168.1.1 or possibly http://192.168.0.1. Typically, this information, along with the default password is located on the router itself as well. Once you’ve typed this information into your web browser’s navigation bar, hit enter and it’ll prompt you for a username and password.  

• Do not broadcast your Wi-Fi’s network’s SSID. When your SSID, or network name, is broadcasted, that means any neighbor, person walking by, or even some nerd a mile away with a wireless booster antenna can pick up your signal and make attempts to access your network. If broadcasting is disabled, you won’t be as easy a target. 

• Modify Default Passwords – Changing the administrative password on the router is a good idea. Sometimes it comes with a complex password which is good, but it’s even better when it’s something only you know.  

• Set a Strong Password to Access Wi-Fi with WPA2 Encryption – A solid password is typically 20+ characters in length with numbers, letters, and symbols. I know that sounds like a lot of characters but on the plus side when friends are eventually allowed to come over to your house, they won’t be able to use your internet to stream TikTok videos and such. 

• Ensure that Remote Access is Disabled – This setting allows you to control your network remotely but also opens up a backdoor for the bad guys. Ensure this setting is disabled within the configurations; simply look for “Remote Access”. 

• Update your Router’s Firmware – Routers don’t typically come with an auto-update feature but ensuring your firmware is up to date and free of flaws and vulnerabilities is very important. It’s good to check this every six months or so. 

• Harden any Connected IoT Devices – Okay, this one is very important. The prevalence of “smart” everything has led to many of us having a “dumb” network. These smart devices can open up gaping holes in your network, especially since a lot of them come with weak default credentials and custom ports that can notify attackers of their existence. These include devices like webcams made in China. The first thing you should do is update the password with something complex and modify the default ports it listens on. This will require something called Port Forwarding on your router to whatever new port you assigned, but trust me it’s worth it.

If you follow these steps, you’re well on your way to providing the foundation of that ‘six foot distance’ you want to achieve between your recreational online activity and the sensitive work your company entrusts you with. Now that your home network security is taken care of, we’ll need to shift our cyber distancing focus to complete our goal. In part two of my story, we’ll be shifting gears from the physical aspects of cyber distancing to the mental aspects of cyber distancing.

RelatedRemote Work is Not New, but it is the New Normal

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...