Security practices start at home
September 1, 2011 | By Damon Armour, IT Security Officer, contributing writer
Security awareness is one of the most effective tools used to mitigate the risks faced in our digital lives. Many users rely on the security infrastructure of their workplace to help reduce the risks of malware, phishing, denial of service, unauthorized access/use, etc. At home, typically, there is no security infrastructure providing that security blanket. Having the awareness necessary to mitigate the daily threats we face is vital in the preparation for, as well as prevention of, high-risk security incidents. Many organizations offer tips and training to educate us on how to deal with threats.
In April 2011, the National Security Agency (NSA) released a guide titled “Best Practices for Keeping Your Home Network Secure.” This article highlights some of the suggestions in the guide. The areas of focus include recommendations on protecting the host (Windows or Apple OS X, iOS), the home network, and operational security.
Windows/Apple host recommendations include:
- Maintain a current or modern operating system and hardware.
  - Windows 7 has a more robust security architecture, but needs to run on more current hardware due to performance requirements.
- Maintain operating system patches and security fixes.
  - Use the Windows Update/Apple Software Update features built into the operating systems to keep your system current each month. Remember that rebooting is necessary for many of the patches to be effective.
- Keep your software applications up-to-date.
  - Maintaining a current version of your web browser is necessary in order to protect the security of your Windows host. Internet Explorer can be updated through Windows Updates, while Firefox, Chrome, and Safari have auto-update features.
  - Likewise, use the updating features of your plug-ins like Adobe Flash, Sun Java, and Apple QuickTime.
- Don’t forget your mobile devices.
  - Android, iOS (iPhone, iPad, iPod), Blackberry, etc., all need to be kept up-to-date to prevent security vulnerabilities.
- Use a home router that supports network address translation (NAT) and SPI firewall, which can help prevent malicious network traffic.
  - A home router can provide an extra layer of defense between the host computer and the Internet.
- Implement WPA2 for home wireless needs.
  - WPA2 is a more secure method of protecting the transmission of your information than the former WEP standard.
- Consider using an alternative domain name server (DNS).
  - Internet providers typically offer their customers a DNS service, but there are other services that offer more security features for home use, for example OpenDNS (https://www.opendns.com/home).
- Protect personal information.
  - Be sure to have a backup strategy for important information such as financial documents, pictures, etc.
  - Store sensitive information in secure locations such as an encrypted folder on your hard drive using a free tool called TrueCrypt (http://www.truecrypt.org).
- Use caution with the information you’re providing on social networking sites.
  - Check the settings within Facebook, LinkedIn, etc., to be sure that only the appropriate information you share is made available.
- Always use an SSL/TLS site when dealing with sensitive information on the web.
  - Look for the lock symbol and HTTPS in the address bar.
- Be smart with email usage.
  - Do not open unknown attachments.
  - Do not respond to phishing emails that request your credentials or account details.
Security awareness begins with each of us. When we practice good risk-reducing habits at home, those habits find their way into the workplace, and vice versa. An organization’s security posture is only as good as the habits of the people who comprise it.
NSA’s “Best Practices for Keeping Your Home Network Secure”: http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf