It’s October, which means it is Cyber Security Awareness Month! The entire month of October is dedicated to raising awareness for cyber security in our everyday lives, and I feel the next few weeks of blog entries should reflect that.
Cyber security isn’t just something we need to worry about in a corporate environment. Quite the opposite, by raising awareness of cyber security concerns that can hit the average person, they will be that much more diligent in their corporate lives as well!
This week is Network Week, which is particularly applicable to the fact that most office workers are now working from home, meaning this is something that nearly everyone with an Internet connection and a home Wi-Fi network can use. Let’s dive into this weeks tips!
Basic Home Wi-Fi Security
Home Wi-Fi networks can get busy, especially with so many of us working from home these days. With everyone working from home, it’s certainly an opportune time to revisit some basic network security that everyone can do, all in the hopes of keeping your personal devices safe. Wi-Fi is one of those technologies where the attacker doesn’t have to be visible to be a threat. From nosey neighbours to attackers who drive around the neighbourhood (called wardriving), securing a home network should be a top priority.
Here’s a quick list of things you’ll want to check in your own home Wi-Fi environment, to help ensure that it is indeed locked down:
Change Your Router’s Name
Log into your router (check the documentation if you’ve never done this before, or call your ISP for help if you got your router from them), and change the name to something unique. Have fun with it! I’ve seen everything from “Bob’s Burgers” to “FBI Surveillance Van”, which is funny when spotted in Canada (we have the RCMP, not FBI). The reason for changing the name from the default is to make you less of a target. Default names on routers often mean default credentials, i.e. username and password, for the router. This can make for an easy hack of your home network, which we want to avoid.
Use a Strong Password or Pass Phrase
I covered the topic of pass phrases in the previous blog, so do check that one out if you haven’t yet. Strong passwords or pass phrases are particularly important for home Wi-Fi networks, as this is normally your main mode of defense against external threats connecting to your network. Using a strong password (or better yet, a pass phrase) will certainly help deter attackers. At the very least, try to use at least 12 characters for a password of your router doesn’t support long passwords or lets you use pass phrases. Yes it can be a bit of a pain when setting up new devices, but trust me, that one-time pain is worth it.
Use Strong Encryption
When you’re checking in on your router’s security settings, make sure that it’s set to use WPA2-PSK or WPA2-Personal for encryption. WEP and older WPA encryption settings are weak and can be trivially bypassed with a bit of Google searches and some patience.
Create A Guest Network
If you have a modern router, perhaps in the last 3-5 years or so, you may have an option to setup a guest network. This is intended for people who are visiting, such as family, friends, or your neighbours. A guest network allows them to use your Internet connection, but will not allow them to connect to any other devices on your home. This is a great way to keep more sensitive equipment protected, while letting less trusted equipment to still have Internet access. Be sure to use a strong password, and make sure to change the name of the guest network to something fun as well.
Update Your Router’s Firmware
Just like we covered a few articles ago, updating your router’s firmware is strongly recommended. Any device that runs computer code, from gaming consoles to thermostats, can have software updates that should be applied. While some do this automatically, others require some hunan intervention.
Using Public Wi-Fi? Use a VPN
When you are using an un-trusted network, such as free Wi-Fi in a library, coffee shop, airport, or even a friends place, use a VPN. As with anti-virus software, you want to pay for this service rather than using something free. There have been examples in the past of free VPN services stealing personal data from their users.
When you use a VPN, the connection between your computer, phone, laptop, or tablet is encrypted, meaning nobody between your device and the VPN server can “see” the data. This makes it safe against prying eyes, such as hackers trying to scan for your passwords, etc. Even if the site you’re browsing to uses https://, it won’t protect your sensitive data if there’s a hacker in control of the network, so play it safe with a paid VPN service.
Happy Cyber Security Awareness Month
Hopefully this week’s article provided you with some insights on how to better protect your home Wi-Fi network, use public Wi-Fi safely, and improve your own cyber security posture. Please share this with some non-technical people in your lives, since ultimately the better all of us can do, the better all our companies can do against cyber security threats. If you have any questions, please don’t hesitate to reach out to us. We’ll be more than happy to answer your questions.
– John
At EliteSec, we would be more than happy to discuss the security concerns you may have at your organization and how we can help to bridge those gaps. Contact us today and we’ll have a candid discussion on what pragmatic solutions we can come up with for your unique needs.