Securing your growing home network

Written by Paul Williams • Online since 5.09.2017 • Filed under Information Technology • From Issue 6 - September 2017 - February 2018 page(s) 46-47
Securing your growing home network

With the increase in the number of people working from home, more corporate offices are being linked to hyper-connected and often poorly-secured home networks. The implications are significant.

The number of connected devices in South African homes are expected to increase exponentially. Smart TVs, connected appliances, online fitness devices, entertainment and gaming systems, smart cars, connected water and power meters, climate control systems, and online home security systems are all available. Many home networks also include wireless medical devices, and tools designed to track and monitor children or elderly family members.

All these devices are connected to the Internet through a home Wi-Fi system, or increasingly, a Home Area Network (HAN) combined with Network-Attached Storage (NAS) and cloud-based applications that are accessible from any device in any location. We are also now beginning to see interconnectivity being developed between these devices, as well as connectivity to other systems and networks to enable information and entertainment sharing with friends and family, or data collection by device manufacturers and service or utility providers.

Significant implications

For corporates with personnel working from home, these hyper-connected and often poorly-secured home networks have significant implications. Some companies are stepping up and offering user awareness training programmes for remote workers, especially for employees with access to sensitive data.

But learning how to avoid phishing and social engineering attacks does not address the relatively new problem of hyper-connected home networks.

As our work and social networks expand into the home, and the potential threat footprint in our homes continues to grow, it is critical that we take a fresh look at how we are protecting ourselves from the growing number of networks we interact with.

A three-phase approach

For the enterprise, we recommend a three-phase approach to security based around learning what is on your network, dividing the network into separated segments and then implementing appropriate security that provides critical protections without compromising functionality and interoperability.

Learn

With the increasing number of portable IoT and other devices being installed or used by family members and friends visiting your home, it may be difficult to know exactly what is on your home network at any given time. Even harder is controlling what they may do.

Home security tools can identify devices looking to connect to the Internet through your Wi-Fi network. Many of them can be easily configured to provide access to your guest network, while restricting and monitoring the traffic they are generating, the applications and home resources they are able to access, the amount of time they can be connected online, and the places on the Internet they may connect to.

Do your homework: Before you buy a device that wants to connect to your network, ask some questions. Do you really need to be able to look inside your refrigerator from the store? Does your coffee maker need to be able to order its own filters? Next, research these devices relating to security. Are there known vulnerabilities? Many connected devices include vulnerable software or back doors that make them potential targets. Can you add passwords? Can they be updated if a vulnerability is detected? This is particularly important before you add connected home healthcare devices that monitor patients or regulate medicines.

Segment

Many organisations are implementing some sort of network segmentation strategy to protect their resources. Visitors and unauthorised devices are connected to a guest network. Critical resources, such as financial data, are isolated from the rest of the network. And sensitive communications are encrypted. Homeowners can do many of the same things:

• Buy separate wireless access points to separate things like gaming systems and IoT devices from your PCs and laptops.

• Set up a wireless guest network for visitors or new devices. Most access points allow you to restrict access, set up firewalls, and monitor guest behaviour.

• To protect your critical resources, consider purchasing a separate, inexpensive device, such as a Chromebook, that is only used for online banking, for example. You could also set up a separate virtual device on your laptop or PC for banking online.

• As much as possible, keep your work and personal devices separated. Set up a separate connection for work, only connect through a VPN tunnel, and consider encrypting sensitive data travelling back and forth between your home and corporate networks.

Protect

Home networks and devices tend to become infected because security is notoriously lax. Here are a few security tips for your home network:

• Keep a list of all the devices and critical applications on your network, including the manufacturer. Set up a weekly routine to check for updates for physical and virtual devices, operating systems, applications, and browsers.

Of course, this is easier said than done. Browsers such as Google allow you to set up automated searches that alert you when news on a topic is found, or simply provide you with a daily email with discovered links.

• Get antivirus and anti-malware software, keep it updated, and run it regularly. But first, do your research. Products pretending to be security tools are actually disguised malware. Also, remember that no software is 100% effective, so set up a regular schedule, say once a month, where you use a second or third security solution to scan your device or network. Many solutions provide a free online version or let you run a free demo for a period.

• Get a firewall. Most home security packages include a firewall option. Turn it on. Even the default settings are better than doing nothing.

• Use good password hygiene. Change your passwords every three to six months. Use an encrypted password locker to store passwords. Use different passwords for different applications. Don’t mix your personal and work passwords.

Given the rate at which technology is changing, you can no longer afford to simply load an antivirus tool onto your laptop and think you are going to be protected. As we begin to use and interconnect more and more devices – and blend our personal, social, and work lives –security is increasingly important. It is critical that you begin to develop a strategy now for learning, segmenting, and protecting your network, resources, data, and privacy.

Fortinet is a global leader and innovator in network security. Its mission is to deliver the most innovative, high-performing network security platform to secure and simplify customers’ IT infrastructure. It provides network security appliances and security subscription services for carriers, data centres, enterprises, distributed offices and MSSPs. For more information, visit www.fortinet.com.

Issue 6 - September 2017 - February 2018

Issue 6 - September 2017 - February 2018

This article was featured on page 46-47 of SABI Magazine Issue 6 - September 2017 - February 2018 .

Share this

10th Annual Business Process Management take of 21 Sept 18
Power Week Africa Conference 2018 take off 15 Sept 18

Subscribe to our Digital Magazine (free)