We are living during an unprecedented time of uncertainty where working from home is now becoming more than the norm. It is fast becoming a necessity. Therefore, similar to an onsite working environment, the work product we produce at home needs to remains secure and safe. Have you considered how secure your network at home is? Ensuring good cyber hygiene is even more critical when working from home. People who work from home can be more vulnerable because they do not have a dedicated IT team or maybe they are not tech-savvy enough to set up their home networks to be secured. Here are a few basic recommendations that can be easily spot-checked while working remotely at home.
ENSURE YOUR PASSWORDS CANNOT BE EASILY GUESSED AND DO NOT SHARE THE SAME PASSWORD ACROSS ACCOUNTS.
We know it’s hard to keep track of all those passwords from all your accounts, but there are services (and basic files) that can help you document and store your passwords safely, such as Dashlane and Keeper, to name a few. These password managers store your information on their servers with a single password and can help you recover your information if you ever forget your passwords. Personally, I use an encrypted file with a password with 20+ characters. It is recommended that when you do create a password to have a minimum of 12+ letters with a combination of symbols, letters, and numbers. Passwords should be changed every 60 – 90 days. Passwords with these strings and multifactor authentication (MFA) enabled, makes it even more difficult for a hacker to gain access to your data.
ENSURE YOUR NETWORK IS SECURED WITH A PASSWORD THAT CANNOT BE EASILY GUESSED (AND THIS GOES FOR YOUR WIRELESS ACCESS POINTS AS WELL).
Many people assume that they will never be a target since they probably believe that they don’t have information a hacker would want. Unfortunately, that mindset is a misnomer. In fact, this makes you a valuable target. Hackers have a different mindset. They can find ways of using your network for personal gain, like stealing your identity or collecting confidential information, or using your network to commit malicious intent. That’s why you should not connect to a public network (at a coffee shop) without using VPN. If you have an open network that anyone can use, you have just created a coffee shop environment for a hacker to sit and sniff out information of all the systems that are currently riding on that network. It’s even advised that you should have a private network at home for yourself and set that network separate from the network your houseguests would use.
ENSURE ALL YOUR ENDPOINT DEVICES CONNECTED TO YOUR NETWORK HAS A UNIQUE PASSWORD THAT CANNOT BE EASILY GUESSED.
We all read about Ring Intercom and the wireless babycam being compromised. It’s a scary thought, and this is all due to bad cyber hygiene. It is highly recommended that when a new device is installed, to confirm that all of the settings are set properly. For example, changing the default password to a unique password that cannot be easily guessed, and if there is MFA, enable it to create that additional layer of security. Another thing is to ensure that all the settings are configured properly, such as a web-based interface or open protocols. If you don’t use it, make sure you disable it. Things like telnet or standard ftp should all be disabled if it still exists in your device. These are only a few examples, but each device is different, so make sure you look and modify them.
ENSURE YOU HAVE SECURITY PARAMETERS ENABLED WITH ACCOUNTS SUCH AS YOUR BANKING, FINANCIAL DATA, CREDIT CARDS, ETC.
In this day and age where data is money, you want to secure your data as much as possible. Here are some examples. We all know about spam phone calls – never give out your social security number, but what about your data? Always enable ways that allow you to track your data and information. The best examples are always credit cards, your banking information, and your credit reports. But regardless of the type, they should all be secured. Credit cards and banking institutions all have MFA in place as well as the ability to set thresholds so you can monitor your account. Everyone has a cell phone that can receive messages (whether SMS or email). The key is to set the parameters so that any time a transaction occurs, it pings your devices. This is important. Another suggestion is to lock your credit report. Many people do not realize that this is a free service. Sites like TrueIdentity (part of TransUnion https://www.trueidentity.com) allows users to sign up and lock their credit reports and unlock when they need to apply for a mortgage. This is an extremely valuable security hygiene to use. If anyone attempts to use your information to open an account, this will block that application. I tested it myself when I first signed up to Transunion and attempted to apply for a credit card to see if it would be flagged. It was.
ENSURE YOUR COMPUTERS/PHONES/IOT DEVICES ARE PATCHED AND SECURED.
Since all devices will be sitting on your network, make sure that they’re all patched with the latest security updates and firmware. Many companies will not allow you to bring your devices onto their networks for the same reasons. Manufacturers have updates because security vulnerabilities are detected. By consistently patching and updating, you are ensuring that your devices have been secured. This goes for the applications you typically use on your devices, and for IoT devices, firmware patches are extremely important.
There are many more recommendations, but these are good starting points to look at for your home network. At the end of the day, if you apply common sense, such as things that your company would advise against you doing (clicking a suspicious link), you can create a better awareness for yourself and your family at home. The last thing anyone wants is for your systems to be compromised and have someone spying on you at home using your webcam.