Our publication date, the second Tuesday of the month, coincided with Microsoft’s Patch Day. It’s when the software gods in Redmond, WA, issue the latest security patches, bug fixes, and performance updatesContinue reading
Don’t think your home is too small to be a hacker’s target. The recent invasion of a young girl’s bedroom through a camera system has sparked a lawsuit and some hot discussion about who’s at fault. Ultimately, you need to make you cover all the bases, and the Department of Homeland Security offers some help in making sure you know where the bases are.
DHS rightly states what we think is obvious about the two common misconceptions home users share about the security of their networks:
- Their home network is too small to be at risk of a cyberattack.
- Their devices are “secure enough” right out of the box.
Besides those misconceptions, home networks – no matter how many smart devices or dumb devices they connect – have many moving parts. In addition to cameras and smart speakers, to name just two, our networks include routers, computers, mobile devices and TVs. So, even though you may think you have a strong username and/or password for every device, there’s a possibility you can miss one key setting – or there’s a possibility that someone using your network has the weak link in your security chain that provides outside access.
The DHS checklist, which we summarize below, is a good place to start. It reiterates a lot of actions we’ve told you to take over the years, and it’s a good refresher.
- Update your software regularly. Besides adding new features and functionality, software updates often include critical patches and security fixes for newly discovered threats and vulnerabilities. (See Understanding Patches and Software Updates.)
- Remove unnecessary services and software. They can create security holes in a device’s system that could lead to a larger attack surface of your network environment. This is especially true with pre-installed trial software and apps installed on new computers. Remove what you don’t use.
- Adjust factory-default configurations on software and hardware. They’re intended to reduce the troubleshooting time for customer service. Harden them to reduce vulnerabilities.
- Change default log-in passwords and usernames. Most network devices are pre-configured with default administrator passwords to simplify setup. They’re not secure. Change them.
- Use strong and unique passwords. Choose strong passwords and don’t use the same password with multiple accounts. (See Choosing and Protecting Passwords for more information.)
- Run up-to-date antivirus software. A reputable antivirus software app can automatically detect, quarantine, and remove various types of malware, such as viruses, worms, and ransomware.
- Install a network firewall. It can block malicious traffic from your home network and alert you to potentially dangerous activity. When properly configured, it can also serve as a barrier for internal threats, preventing unwanted or malicious software from reaching out to the internet. We can help you configure them.
- Install firewalls on network devices. In addition to a network firewall, consider installing a firewall on all computers connected to your network. We can help you configure them, too.
- Regularly back up your data. Consider using a third-party backup application, which can simplify and automate the process. Be sure to encrypt your backup to protect the confidentiality and integrity of your information. Data backups are crucial to minimize the impact if that data is lost, corrupted, infected or stolen.
- Increase wireless security. Follow the
steps below to increase the security of your wireless router or ask us for help.
- Use the strongest encryption protocol available. DHS recommends using the Wi-Fi Protected Access 3 (WPA3) Personal Advanced Encryption Standard (AES) and Temporary Key Integrity Protocol (TKIP), which is currently the most secure router configuration available for home use.
- Change the router’s default administrator password to deter an attack using default credentials.
- Change the default service set identifier (SSID), the “network name” that identifies a wireless network. Make it unique and not tied to your identity or location.
- Disable Wi-Fi Protected Setup (WPS). A design flaw in the WPS specification for PIN authentication significantly reduces the time required for a cyberattacker to brute force an entire PIN.
- Reduce wireless signal strength to reduce your electronic footprint.
- Turn the network off when not in use or automatically disable the Wi-Fi at specified times to prevent outside attackers from breaching your home network.
- Disable Universal Plug and Plan (UPnP) when not needed. Recent large-scale network attacks prove that malware within your network can use UPnP to bypass your router’s firewall to control your devices remotely and spread malware to other devices.
- Upgrade firmware to enhance product performance, fix flaws, and address security vulnerabilities.
- Disable remote router management to guard against unauthorized individuals accessing and changing your router’s configuration.
- Monitor for unknown device connections to monitor for unauthorized devices joining or attempting to join your network. Also see the manufacturer’s website for tips on how to prevent unauthorized devices from connecting to your network.
- Mitigate Email Threats. Phishing emails continue to be one of the most common and effective initial attacks. They prey on the human element – the weakest component in every network – by persuading a user to click on a link or open an attachment.
All the steps you can take are common sense, but they’re often overlooked in our hurry to get a new product or feature online. The hacker looks to exploit momentary carelessness. We can review your home or office network with a security assessment and help you implement any of the steps in this checklist. Call us – 973-433-6676 – or email us for an appointment.
We’re a bunch of collegial competitors in IT support, and in recently sharing some thoughts with an industry fellow, I learned that Toshiba is shutting down its telephone business as part of a global restructuring. It seems that the pending bankruptcy of its Westinghouse Electric nuclear division is having a major financial fallout that’s affecting Toshiba America Information Systems’ (TAIS) Telecommunication Systems Division (TSD).
If you have a Toshiba phone system, as one client does, you need to make plans to secure third-party support or be ready to migrate to whichever company may buy Toshiba’s phone system assets. However, there are many things that any company needs to do whenever any of its technology suppliers goes out of business. Some companies have assets that can be acquired, in which case you can most likely expect factory-level support. Some companies are better than others about helping you stock up on replacement parts and providing final firmware updates and security patches, but we wouldn’t count on it.
As an IT support company, we can help you in a number of ways.
- We’ll check to make sure you have the most up-to-date firmware and security patches for your hardware system. We can’t emphasize enough the importance of this. Any security hole in your phone system can easily lead to a breach in your entire network. Updates will buy time for any next steps you’ll need to take.
- We’ll help you evaluate your options. Your best option may be to continue with your system based on its age, its capabilities and the strength of current firmware and security software or the strength of support from another provider. Our two goals are to protect the integrity of your business systems and to help you maximize your investment in your current technology.
- If migration to another system is your best option, we’ll help you plan a budget and timetable for making your move. As part of the process, we’ll help you evaluate all the available systems that fit your needs to help you fully understand the strengths and weaknesses of each and set ROI goals.
System providers come and go. Always have; always will. But if you keep your eyes and ears open and take a deep breath when you get bad news about one of yours, we can always help you find a solution. And working together, we can find one that meets your cost and capability needs as best as possible. Call us – 973-433-6676 – or email us with any questions about looking for new systems.