Cybersecurity for Practicing at Home

cybersecurity for home devices
Top Legal Marketing Companies

Sheltering in place requires cybersecurity for your phone, laptop, tablet, WiFi and all other Internet connected devices (IoT devices). Gaps in your home information set-up can expose you to a cyberattack and infect all your devices.

Your system contains client financial records, credit card information, client health records, access to your firm’s bank account, propriety client information and the ability to send and receive wire transfers.

Advertisement

Answering Legal Banner

If you’re new to setting up cybersecurity for home devices and don’t understand the alphabet soup and jargon, companies like ours can do an assessment and recommend fixes to close any gaps. The more layers of protection you wrap your home office in, the safer you and your data will be.

WiFi: If you are using AT&T or Spectrum for some of those devices, check your encryption settings and make sure you are on WPA2. Then change the password so it’s unique and not used anywhere else.

iPhone, Android: If you use six or more numbers as your PIN, it enables the encryption.  Check with your manufacturer for other security controls, or contact us for help.

Advertisement

Eza Mediation

Laptops/Tablets: When you create work-related material at home on your laptop and the information is sensitive in nature, you may want to encrypt the data at rest.

Any devices that store sensitive data should be encrypted at rest, and only strong encryption methods such as AES and RSA should be used. More than 90% of stored data is at rest, so encryption at rest is crucial.

If you are going to communicate with an external party, you might want to use secured dashboard technology like Citrix, Sharefile, or Axcient. Again, you should consider this for all devices that store data. These technologies are capable of securing data both in-transit and at rest. Customizable security controls give you the power to recover lost data and prevent leaks in the first place.

No. 1: Use a VPN (Virtual Private Network)

VPNs mask your location and your Internet Service Provider (ISP), giving you an extra layer of protection in the form of online anonymity. This is one of the quickest and easiest ways to protect your browsing history and IP address. You should use a VPN on any devices that browse the Internet and store or transmit sensitive data.

No. 2: Multi-Factor Authorization (MFA)

Utilizing MFA wherever possible will help stop hackers from gaining control of your accounts, even if they have access to your username and password. Maybe they were able to hack into your email, but do they have your actual cell phone? It might seem like a pain sometimes, but it’s worth the extra added security. Use MFA for all accounts that store or transmit sensitive data.

No. 3: Managed Security Package

Protect your devices from ransomware, virus, spam, malware, and phishing by purchasing protective software from a reputable company such as ​Bitdefender​ or ​Quad9​, which is free and will protect you in real time if you go to a malicious site. You need protection on all Internet connected devices. The free services are a good first layer, but consider adding more layers of increased security such as keystroke encryption, hard disk firewall, and managed services. With managed services, your logs are constantly monitored for attack and vulnerability.

No. 4: Encrypt and Backup Your Data

If the security of your home office is compromised, having your data encrypted and backed up is invaluable. Use secure folders and make a copy of your sensitive and vital work files both offline and online.

For online storage​, use a cloud service like Axcient or Microsoft Office 365 with Onedrive on their E3 plan. For offline storage​, consider a flash drive or external hard drive so that you have a way to recover your files in case of an unfortunate event.

No. 5: Use Strong Passwords

Use long string keywords for everything. Use a combination of upper and lowercase letters, numbers, and symbols. Never use the same password twice. Never write your passwords down. Use a password manager software such as Lastpass that will generate AND remember your passwords for you.

Pair your password manager with a hardware token like a Yubikey to add an extra layer of security to your passwords. This is easy to set up and well worth the effort.

No. 6: Encrypt Everything

Encrypt everything you can, and use STRONG encryption software when possible, including:

  • Wireless Network Encryption: ​Layer your wireless encryption with a hardware    firewall with IDS and IPS enabled.
  • DNS Encryption:​ Encrypts your DNS by changing your router to 9.9.9.9
  • Keystroke Encryption​: This will stop zero-day keystroke/keylogger malware, especially when layered with biometrics and MFA.

All of the recommended solutions are available from a wide variety of vendors, at different price points. You can also get all-inclusive package prices from cybersecurity firms. Take the time to get the appropriate layers of protection in place. Proper preparation prevents poor performance.

Craig Petronella

Craig A. Petronella is the CEO of Petronella Technology Group, Inc. (PTG), ComplianceArmor.com, and BlockchainSecurity.com. PTG is an internationally trusted IT cybersecurity and digital forensics firm helping law firms with training, security, and compliance. Craig has 36 years of experience, authored multiple books. For more information on security awareness core training, go to: https://compliancearmor.com/collections/courses/products/ptg-security-awareness-core-training.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts