Faster and more affordable Internet connections are driving more home users in Sri Lanka to deploy Internet-connected devices at home.
At the same time, connectivity is enabling more employees to work remotely from home. While connected devices at home provide greater convenience and enable faster communication, ‘home networks’ can become easy targets for cyber criminals, cautions Fortinet, a global leader in high-performance cyber security solutions.
“Recent IoT-based attacks have revealed the sheer volume and ease by which billions of connected devices can be weaponized and used to disrupt the digital economies of entire countries and millions of users. These issues are compounded by the lack of basic security features and management capabilities in many IoT devices,” said Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet.
“As our work and social networks expand into the home, so does the potential threat footprint. With more employees working from home, corporate offices are being regularly linked to these hyper connected and often poorly secured home networks. It is critical that we take a fresh look at how we are protecting ourselves from the growing number of networks we
Personal, financial and medical information, as well as work assets are all at risk from increasingly sophisticated malware and financially motivated cybercriminals.
According to market research firm IDC, there will be nearly nine billion connected devices across Asia Pacific by 2020. Connected devices on the home network range from smart TVs, entertainment and gaming systems, smart refrigerators, to online home security systems. Many home networks also include wireless medical devices, and tools designed to track and monitor children or elderly family members. All of these devices are connected to the Internet through a home WiFi system, or increasingly, a Home Area Network (HAN) combined with Network-Attached Storage (NAS) and cloud-based applications that are accessible from any device in any location.
Fortinet proposes three top strategies and techniques for home users to secure their increasingly complex and sophisticated home networks:
1. Learn - With the increasing number of portable IoT and other devices installed or used at home, it may be difficult to know exactly what is on the home network at any given time. Even harder is controlling what they are allowed to do. There are a number of security tools specifically designed for the home which can identify devices looking to connect to the Internet through WiFi network. Many of them can be easily configured to provide them with access to the guest network, while restricting and monitoring the kind of traffic they are generating.
Before purchasing a device that wants to connect to the network, ask some questions. Not every device that wants to connect to the network needs to. Next, research these devices with an eye towards security. Many connected devices include vulnerable software or back doors that make them potential targets. And far too many of these devices cannot be hardened, patched,
2. Segment - Home owners can apply a simple network segmentation strategy in order to protect
- Buy separate wireless access points to separate things like gaming systems and IoT devices from PCs and laptops.
- Set up a wireless guest network for visitors or new devices. Most access points allow users to restrict access, set up things like firewalls, and monitor guest behaviour.
- Consider purchasing a separate, inexpensive device that is only used for sensitive tasks like online banking. Users could also set up a separate virtual device on their laptop or PC for banking online to protect their critical resources.
- Keep work and personal devices separated. Set up a separate connection for work, only connect through a VPN tunnel, and consider encrypting sensitive data traveling back and forth between home and corporate networks.
3. Protect - Home networks and devices tend to become infected because security is notoriously lax. Here are a few security tips for the home network:
- Keep a list of all the devices and critical applications on your network, including the manufacturer. Set up a weekly routine to check for updates for physical and virtual devices, operating systems, applications, and browsers.
- Get antivirus and anti-malware software, keep it updated, and run it regularly. Remember that no software is 100 percent effective, so set up a regular schedule, say once a month, where you use a second or third security solution to scan your device or network. Many solutions provide a free online version or let you run a free demo for a
period of time.
- Get a firewall. Most home security packages include a firewall option. Turn it on. Even the default settings are better than doing nothing.
- Use good password hygiene. Change your passwords every three to six months. Use a password manager to store passwords. Use different passwords for different kinds of things. Do not mix your personal and work passwords.
- Password managers have been developed to help manage all your passwords, and all you need to keep track of is a single master password. This technology will also automatically create strong random passwords for each application you need to access, and store them in an encrypted format.
“Given the rate at which technology is changing, users can no longer afford to simply load an antivirus tool onto their laptop and think they are going to be protected. As users begin to use and interconnect more and more devices, and blend their personal, social, and work lives, security is increasingly important,” said Rajesh Maurya. “It is critical that users begin to develop a strategy now for learning, segmenting, and protecting their network, resources, data, and privacy.”