We kicked off the 17th annual Cybersecurity Awareness Month (CAM) last week with this post on the lack of security around connected devices and the internet of things (IoT). This week, we’ll cover more on the subject of making sure your connected apps and devices are secure both at home and at work.
Since the global pandemic has forced so many people out of corporate offices and into remote workplaces, it’s fair to say that ‘home’ and ‘work’ are in the same place for a lot of us. There’s still a good reason to keep the two separate if you can. Use separate computing devices for work and home use if possible, and keep the work devices on a separate network from your entertainment and smart home devices if you can.
This kind of separation isn’t practical for everyone, but we all have some options to create space between the home and work technology.
Securing devices at home and work
Let’s start with some of the things that you might know by now: Change credentials on your devices as soon as they’re connected, use complex passwords and multi-factor authentication (MFA) when possible, and never use your personal email for business accounts. What else is there?
Secure the Wi-Fi network: Many home wireless networks are secured with simple passwords, such as an address, family name, or favorite sports team. If your wireless is compromised, a criminal can use it to examine your network for other weak spots. Depending on what he finds, he could store malicious applications on your network, use your internet connection for illegal activities, or add your smart devices to a botnet. Use a complex password and any other mechanism you can to protect your wireless networks.
Know your applications: Most smart devices are supported by a mobile application. If your mobile phone is running a rogue or compromised application, your smart device could be feeding information to a third party. Check your app permissions and delete what you don’t need or no longer use. Only download apps from trusted vendors and sources and use either native or trusted third-party mobile phone security that can protect your device from these threats.
Beware of social media: It may not seem like it, but Google and social media sites can help criminals compromise your home and workplace devices. The internet is a gold mine for information about both you and your company, and you should do your best to manage what is being published to what audience. Privacy settings will help you control who can see what you are posting and what your device may be sharing such as your physical location. While it may be fun to meet and connect with new people, sticking to people you know and trust is always the more secure option. Even your trusted friends and family can make mistakes ,though, so let them know if they’re sharing too much information about you.
Protecting company information is just as important. Criminals scour the internet for information about targets so they can create effective spear-phishing campaigns. Information about employees, partners, vendors, software, etc., can make it easier for criminals to social engineer their way into the company. Avoid public conversations or rants that expose information that can damage the business.
Publicly available information allows criminals to create scams to infiltrate the business. Successful scams can result in malicious software being installed on the network, which puts the company at risk of ransomware, data exfiltration, and business email compromise.
CAM, formerly known as National Cyber Security Awareness Month (NCSAM) in the U.S., was launched in 2004 by the National Cyber Security Alliance and the U.S. Department of Homeland Security. The goal is to inform individuals and organizations about the risks of being online. The effort has evolved over time and continues to deliver measurable results.
Each week of October has a specific topic that falls within a theme. This year the theme for CAM is “Do Your Part. #BeCyberSmart,” and the weekly themes are:
- Week 1: If you connect it, protect it
- Week 2: Securing devices at home and at work
- Week 3: Securing internet-connected devices in healthcare
- Week 4: The future of connected devices
The key outcome for the month is for people to understand the risks of online connectivity and learn how to minimize those risks through better security practices.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology and project management credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.
Connect with Christine on LinkedIn here.