Several years ago, creating a cybersecure home was simple; most homes consisted of nothing more than a wireless network and several computers. Today, technology has become far more complex and is integrated into every part of our lives, from mobile devices and gaming consoles to your home thermostat and your refrigerator. Here are four simple steps for creating a cybersecure home.
Your Wireless Network
Almost every home network starts with a wireless (or Wi-Fi) network. This is what enables all your devices to connect to the Internet. Most home wireless networks are controlled by your Internet router or a separate, dedicated wireless access point. They both work the same way: by broadcasting wireless signals. The devices in your house can then connect via these signals. This means securing your wireless network is a key part of protecting your home. We recommend the following steps to secure it:
The next step is knowing what devices are connected to your wireless home network and making sure all of those devices are secure. This used to be simple when you had just a computer or two. However, almost anything can connect to your home network today, including your smartphones, TVs, gaming consoles, baby monitors, speakers, or perhaps even your car. Once you have identified all the devices on your home network, ensure that each one of them is secure. The best way to do this is ensure you have automatic updating enabled on them wherever possible. Cyber attackers are constantly finding new weaknesses in different devices and operating systems. By enabling automatic updates, your computer and devices are always running the most current software, which makes them much harder for anyone to hack into.
The next step is to use a strong, unique password for each of your devices and online accounts. The key words here are strong and unique. Tired of complex passwords that are hard to remember and difficult to type? So are we. Use a passphrase instead. This is a type of password that uses a series of words that is easy to remember, such as “Where is my coffee?” or “sunshine-doughnuts-happy-lost”. The longer your passphrase is, the stronger. A unique password means using a different password for each device and online account. This way, if one password is compromised, all your other accounts and devices are still safe. Can’t remember all those strong, unique passwords? Don’t worry, neither can we. That is why we recommend you use a password manager, which is a special security program that securely stores all your passwords for you in an encrypted, virtual safe.
Finally, enable two-step verification whenever available, especially for your online accounts. Two-step verification is much stronger. It uses your password, but also adds a second step, such as a code sent to your smartphone or an app on your smartphone that generates the code for you. Two-step verification is probably the most important step you can take to protect yourself online, and it’s much easier than you think.
Sometimes, no matter how careful you are, you may be hacked. If that is the case, often the only way you can recover your personal information is to restore from backup. Make sure you are doing regular backups of any important information and verify that you can restore from them. Most mobile devices support automatic backups to the Cloud. For most computers, you may have to purchase some type of backup software or service, which are relatively low- priced and simple to use.
This 'guest' post is taken from the January SANS' OUCH! Newsletter, and is shared here without modification under the Creative Commons License. A pdf version can be downloaded from this link.
Welcome to Cyber Security Awareness Month! Ok, so we’re already more than half way through the month, but how many of you knew that each year October is (Inter)national Cyber Security Month?
And what better way to start than by taking a moment to reconsider the basics of IT Security? The following cartoon has been around for a while (original source unknown, but obtained from here), but is as much true today as it ever was.
The most advanced technologies can be brought into play, huge amounts of money can be spent protecting technology from every conceivable threat, but as soon as fallible humanity comes into the equation, all bets are off. It doesn’t matter whether you are the lowliest peon in your workplace, or the CEO of a major multinational, we are all susceptible for, “to err is human”.
Although we all make mistakes, if we put good methods and practices in place, we will need to work much harder in order to truly mess things up. The below infographic (edited from the version at staysafeonline.org) gives some good practical tips for home and business users alike, but we have to remember that security doesn’t belong only to the “professionals”, but starts with each and every one of us.
Cyber Security Starts at Home – with everyone online, even down to the youngest of infants, we need to make sure that all users learn to use the internet safely.
Keep Devices Up-to-Date – one of the best methods of protecting against malware is to keep your system up-to-date, whether that be the operating system, software or drivers.
Use Multi-Factor Authentication (MFA) – Passwords can be broken, so it is better to use additional methods to secure important data such as bank accounts and email.
Be Careful with Social Media – “Once online, always online”. Think about what you put online today, because it may come back to haunt you.
Backup Your Important Data – Data loss, corruption, ransomware – these are all common ways to lose information, so backup your important data, and frequently.
Your Personal Information is Valuable – Be careful what you reveal, because everything you share about yourself online is worth something to someone.
Create Strong Passwords – This is true for all passwords, but especially home WiFi. Once someone is in your home network, who knows what personal information they have access to?
Hi to everyone reading my first post :)
This is going to be a very short introductory post, just laying down some ground rules for what to expect from me. I'm going to try and post something here once or twice a week, but I have six children under the age of teenager, so sometimes I may be a little late with a post.
What I'm going to try and do with this blog is give some general IT security advice and tips, along with some short explanatory how-to posts and the occasional hacking challenge walkthrough.
If you have any questions you would like me to answer, or anything you would like me to cover in a blog post, send me an email at firstname.lastname@example.org or feel free to leave a comment. I promise to read all comments and answer where necessary, and try to keep on top of moderating any inappropriate and unsolicited content.
So, welcome to Secure Your IT's blog...