Since 2004 October has been Cybersecurity Awareness Month, providing an opportunity for everyone to learn about ways to stay safe and secure online with straightforward advice and suggestions from experts. Of the past 17 years, the last two have been unique as the world moved to new ways of working, and there’s been a need to course-adjust along the way. It has not been entirely smooth but has helped many to create a better work/life productivity balance with a mix of remote and office working.
Cybersecurity Awareness Month is an excellent time to reflect on any changes made, and that might still need to be made since, as for many people hybrid has become the working ‘normal.’
Specifically, cyberthreat developers recognize that a home network has the potential for new threats to break in and hide, watching for opportunities to disrupt work, steal data or infiltrate a corporate network. As good as corporate security is, any remote work adds risk. The security team has tools for managing access to corporate data, may separate personal and work-related network traffic, and can watch for inbound threats, but it is not possible to manage every remote worker’s private network for technical and privacy reasons. So, for remote or hybrid workers, what can be done to create a secure home network?
Start at the End(Point)
Any computer, tablet or phone connected to the home network must be ‘clean’ and updated to reduce the risk of infection by ransomware or malware. It is impossible to guarantee against an attack but keeping everything up to date establishes a sound security posture that reduces risk.
Key steps to take include:
• Update operating systems and applications regularly. The latest patches often contain important security updates. Modern platforms, including Windows, macOS and iOS, can be automatically updated; this is a powerful feature ensuring that non-technical users are kept safe from harm.
• Keep hardware up to date. Computers have a BIOS or EFI, special software used to configure hardware and keep settings up to date. Most vendors provide simple-to-use tools to assist with this process.
• Use endpoint security tools. Often, there are complaints that ‘antivirus slows computers,’ but this is an essential tool for preventing malware. Modern security solutions run passively to reduce any performance impact and include cloud-based intelligence and AI detection tools that quickly alert regards new threats.
Manage the Internet of Things (IoT)
IoT on a home network runs the risk of creating a Wild West of devices; network-connected kitchen tools, lights and heating help make lives easier, but are not always designed with security in mind. It is essential to know which devices are connected and to properly configure security accordingly.
Specifically, prioritize the following:
• Run an audit of the home network. It may sound daunting but can result in uncovering a surprising number of IoT devices that were connected, then forgotten. A network scanner discovers all devices, advanced tools – such as Fing or BitDefender – provide detailed information, such as hardware and configuration.
• Update IoT firmware and software regularly. As with operating systems, new IoT firmware contains important security updates. Where possible, configure devices for automatic updates, keep a record and check back regularly.
• Do not accept the default username/password on any IoT. The defaults may be weak or exposed on the internet via an IoT database such as Shodan.io. Change to complex username/password combinations.
Keep the Network Clean and Clear
Understanding devices connected to the network is an important first step in protecting the home but keeping the network they connect to clean is just as critical. Restricting access may not always be popular, especially with children and visitors, but it is a necessary step.
Keep the network clear with these best practices:
• Regularly update network routers and modems. If an advanced mesh network is used at home, make sure to keep this up to date and monitor the management console for security recommendations.
• Create a guest Wi-Fi network and configure it to allow only internet access; visitors may bring devices with unknown vulnerabilities. Further, hide the home network SSID if possible; making the Wi-Fi harder to find makes it more difficult to access.
• Monitor devices connected to the network. Use tools such as MacDecode to identify connections and then disable those that are unrecognized. It’s the simplest way to discover the security posture of anything new. If it turns out to be the new TV Digibox, re-enable and add to the network safelist.
Protect the Keys to the Castle
Passwords still protect the door to the castle. To keep unauthorized people and threats out of the home network, establish strong password hygiene. On a home network, it’s often not possible to force people to change passwords, but education about the reasons why – and demonstrating that it does not have to be complicated – is a good start.
Key password tips include:
• Use long passwords; the longer, the better. Complex passwords are hard to remember, but a 12–15-character password is difficult to crack. With this method, it’s easy to use a memorable phrase and just replace a few characters with capital letters or numbers. For example, “iamacomputergeek” could become “1AmAC0mputerG33k.”
• Where possible, use multi-factor authentication (MFA). This method adds a regenerating key to logins, only accessible using a separate device such as the Google or Microsoft Authenticator on a mobile phone. It is simple to set up and should be used whenever offered by an application.
• Never, ever click on links in text messages or input any information into the links. Even if it seems like the link is valid, it could still be fake. Should you receive a text that, for example, demands an update to banking information, go to a browser and access the banking URL manually. If the text is valid, then perform the update safely; if it is fake, as is most common, you can avoid a possibly costly mistake.
The recommendations in this article have one thing in common: simplicity. A key element of Cybersecurity Awareness Month is to educate non-technical people on better protecting their identity, devices and data from attacks and malware. Sharing these recommendations and spreading the word about cybersecurity will help protect more and more people from threats. Attacks will never be fully stopped, but their impact can be reduced with education.
Following these guidelines helps to establish a clean, safe home-network environment for working remotely. More than this, following these guidelines can keep the home network safe for everyone in the household and help people set up strong security practices to protect their devices and data wherever they are.