Did you know that the average person owns approximately seven internet connected devices? Each device is constantly vying for your attention, collecting data, and potentially exposing your personal information to the internet. Your Google Home, Amazon Alexa, MacBook, iPhone, and Android are all connected. That’s just the beginning of the list of potentially connected devices in your home and office. The average person must proactively secure these devices to protect valuable personal and professional data. I want to share some simple steps you can take to secure these devices and data.
- Never, Ever, Connect to Public Wi-Fi: Imagine you are switching offices; you have to move all of your company’s documents, financial information, and client information to a new location. As you are lugging everything out of your office, a stranger pulls up with a U-Haul and offers to load up everything and bring it to your new office (they even offer you some hot coffee and donuts). How convenient! Would you really trust this person with this sensitive information? This is essentially what is happening when you connect to free Wi-Fi. There is no way for you to know who is watching, collecting, or manipulating any data that enters or exits your device when connected to free Wi-Fi.I highly recommend using a mobile hotspot whenever traveling. Most cellular plans now include “Tethering”. If you do not wish to use this feature, ask your company about providing mobile hotspots for travel. Any IT department should gladly reward your desire for securing the company’s data.
- Disable Automatic Wireless Connections: When your device connects to a wireless network and you select “Connect Automatically”, your device is constantly scanning for networks with the same name and attempting to connect. This means that Starbucks-Guest’s evil doppelganger can get your device to connect and capture your traffic! Even better yet, if you are not actively using a wireless connection, turn of your Wi-Fi. You wouldn’t leave your front door unlocked at night just because you are in your house, would you?
- Maintain the Right Work-Life Balance: I guarantee we are thinking about two different things right now. It is crucial to ensure that you are not introducing any unnecessary threats to your company. When we get home from work, we tend to relax. We let down our guard, and do not think about the implications. Often, the password for your personal email is much weaker, the security filtering is much weaker, and you likely do not have an enterprise grade firewall protecting your home network. Because of this, you should never intermingle your personal accounts with your corporate accounts or use corporate devices for personal internet browsing.Never use your work email to sign-up for personal accounts or services. Do not use corporate devices to view your personal email, Facebook, Instagram, Discord, etc. Never (say it louder for the people in the back) re-use passwords.
- Use a Password Vault: Have you ever heard of Security Fatigue? If not, I need you to remember this basic password for me: (3XqL#N79tZm. Passwords are the most basic form of protection, yet so many people still use basic passwords that can be easily cracked.All Apple devices now include something called your “Keychain” which allows you to store all your logins, protected by Face-ID or Touch-ID, and your phone/tablet/laptop can automatically fill in your login information. This feature also offers automatically generated, cryptographically complex passwords.
Google offers a similar product for Chrome and Android devices: Google Password Manager. If you do not want to use this product, look around for a trusted password manager such as 1Password.
- Verify Your Passwords Have Not Been Leaked: Sensitive data and passwords are leaked on a weekly if not daily basis. Thankfully, the security community has made it easy to fight back by creating a free service at “haveibeenpwned.com”. This site allows you to check if your email accounts or passwords have been involved in any of the millions of recorded data breaches. Companies are beginning to include services like this in password managers, alerting you when a password you are using appears in a data leak.
- Secure Your Home Internet: Have you changed your Wi-Fi’s password since you purchased your router? Have you changed the admin password on your router? Have you ensured remote management is turned off? Have you disabled WPS? Most home routers now include numerous features you can enable to increase the security of your home network. Often you can set firewall security levels of low, medium, or high. Setting up trusted devices allows you to control who connects to your wireless network. Parental controls can also be set up to keep unsafe content out of your home.
We hope you will use these tips to make your devices at home and work more secure. As always, if you need help that goes beyond what is listed in this quick blog post, Conversant Group is here to help you solve the large and small problems.