Paul Ducklin, principal research scientist at IT security company Sophos, offers some tips for keeping IoT devices and other connected computers secure at home – especially if you are working from home as well.
Ducklin says there are seven questions you should ask yourself about devices on your home network and about the setup of your network in general. Think of it as going through your very own Cybersecurity Awareness Month at home.
1. Do I actually need this device online? If not, consider removing it from your network. Or if you don't need it listening in or activated all the time, consider powering it down when you aren't using it. (Simply unplugging it from the wall socket is often all you need to do.)
2. Do I know how to update it? If not, find out how; if the vendor can't reassure you about security updates, consider switching products to a vendor that does (and see step 1).
3. Do I know how to configure it? Make sure you know what security settings are available, what they are for, and how to set them up (and see step 2).
4. Have I changed any risky default settings? Many IoT devices come with remote troubleshooting features turned on, which crooks may be able to abuse, and default passwords, which the crooks will definitely know. Check and change defaults before you make the device live (and see step 3).
5. How much am I sharing? If the device is hooked up to an online service, familiarise yourself with how much data the device is sharing, and how often. You may be happy to share some data, but never feel squeezed into turning all the options ‘to the max’ (and see steps 3 and 4).
6. Can I ‘divide and conquer’ my network? Some home routers let you split your Wi-Fi into two networks that can be managed separately. This is useful if you are working from home because it means you can put your home IoT devices on a ‘guest’ network and your work devices, such as a laptop, on another.
7. Do I know who to turn to if there's a problem? If your work has an IT department or offers access to tech support, make sure you know where to report anything suspicious. Ask them what information they are likely to need and provide it at the outset in order to speed up the process.
“By the way,” adds Ducklin, “if you're an IT department looking after remote workers, make it easy for your less-technical colleagues to reach out for cybersecurity advice, or to report suspicious activity, and take the attitude that there's no such thing as a stupid question.”
Read more...From the editor's desk: A ray of sunshine Technews Publishing
On Monday morning, I was making my way very slowly across town to my office. The drive was – even by Monday morning standards, which is usually busier than other days with everyone trying to get an ...
Read more...A renewed hope Technews Publishing
July has been a slightly more positive time for businesses in South Africa, and for engineers and technicians in the electronic engineering and manufacturing sector.
Read more...UWB technology is poised to take off Technews Publishing
Telecoms, Datacoms, Wireless, IoT
Ultra-Wideband’s (UWB) precision and accuracy are what sets it apart from other location services, and with many large corporations leading the charge into research in this field, the technology is growing at a rapid pace.
Read more...From the editor's desk: Good day from 25 000 feet Technews Publishing
Recently I was sitting, rather uncomfortably, watching the display on my phone showing me that I was at an altitude of around 8300 m above sea level and travelling at a speed of 911 km/h between Johannesburg ...