To celebrate the 11th annual National Cyber Security Awareness Month (NCSAM), (ISC)² has released its third set of tips by security experts: cybersecurity tips for homeowners.
“Whatever browser you use (Chrome is best), make sure you are using the site evaluation tools available to help identify safe/not-so-safe sites. With this, you get a color-coded rating of the site before you visit. You can also establish secure connections on most sites automatically through add-ons and extensions.
Don’t advertise your router address name (SSID). Set it to hide.
Use WPA2 security protocol. Most all routers now support it.
Use a password vault with different passwords on each account. Change on a set schedule or when notified of breaches.
Set a backup program to routinely back up your system drive and any critical data located elsewhere at least once a week. The backup file should be located on an external drive and can be incremental. They are cheap and very important when you need a clean restore. Things you really care about should be routinely stored on a similar drive or USB and stored offsite.
Invest in a good utilities program for basic maintenance and file management. An organized, clean computer is easier to protect and will boot and operate faster.
If you do online banking or shopping and have two computers in your home, use one strictly for your finances and avoid surfing, email, etc. use on it. This will be your money computer.
Don’t function your day-to-day use as the “administrator”. Set up an account (separate password, of course) for yourself as “limited”. This will help to minimize programs from your random visits, surfing, and rogue emails from executing. Only install programs you really want installed. The computer will ask for your administrator password when something is ready to install.
Before you start storing things in the cloud, understand how it works. Once you back up into the cloud, you will find your data is located in places you might not expect. This doesn’t mean don’t do it. Just understand what you are putting where. For example, if you do mobile banking and back up to iCloud, you have critical data out in cyberspace. Your nude pictures are one thing, your bank account is another.
I am extra paranoid: I use two malware and anti-virus systems. Make sure they do a Heuristic analysis to give a degree of protection against zero-day attacks.”
-W. Hord Tipton, CISSP-ISSEP, CAP, Executive Director, (ISC)²
“Make an inventory of IP-enabled devices in your home and update it periodically to help keep track. Make sure you are or the vendor is updating these devices with the latest patches.
I cannot stress enough the importance of a good anti-malware tool. Most good A/V programs nowadays have that protection built in; however, a lot of folks may have old versions installed. Check it to make sure it has malware detection/removal capability and if not, upgrade your program. Simply updating A/V definitions just isn’t enough anymore.”
-Dan Waddell, CISSP, CAP, Director of Government Affairs, (ISC)²
“Consider using a free service such as OpenDNS to apply parental controls and filters (including against phishing sites) to your home network.
Disable your router administration from the Internet (most routers allow this).
Consider a free program such as K9 Web Protection to apply parental controls and filters on the computer (I use this and OpenDNS together).”
-Erich Kron, CISSP-ISSAP, HCISPP, Director of Membership Relations and Services, (ISC)²
“NO Bluetooth locks.
Lock down your home routers.
Be cognizant of your smart devices.
Install a personal firewall.
Keep your home computers up-to-date and install anti-virus.
Educate young family members on cyber safety.
Take backup copies of your important personal data.
Learn to recognize and avoid spyware sites and fake antiviruses.”
-Charles Gaughf, CISSP, SSCP, Information Security Manager, (ISC)²