With people getting tech-savvy, and emboldened in terms of experimenting with newer technologies accompanied by faster and more affordable Internet connections, more home users in India to deploy Internet-connected devices at home. While connected devices at home provide greater convenience and enable faster communication, ‘home networks’ can become easy targets for cyber criminals, cautions Fortinet, the leading network security systems & solutions provider. At the same time, connectivity is enabling more employees to work remotely from home. In fact, personal, financial and medical information, as well as work assets are all at risk from increasingly sophisticated malware and financially motivated cybercriminals.
In the age of IoT (internet of things) connected devices on the home network range from smart TVs, entertainment and gaming systems, smart refrigerators, to online home security systems. Many home networks also include wireless medical devices, and tools designed to track and monitor children or elderly family members. All of these devices are connected to the Internet through a home WiFi system, or increasingly, a home area network (HAN) combined with network-attached storage (NAS) and cloud-based applications that are accessible from any device in any location. As per IDC report, there would be close some nine billion connected devices deployed across Asia Pacific by 2020.
“Recent IoT-based attacks have revealed the sheer volume and ease by which billions of connected devices can be weaponized and used to disrupt the digital economies of entire countries and millions of users. These issues are compounded by the lack of basic security features and management capabilities in many IoT devices,” said Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet. “As our work and social networks expand into the home, so does the potential threat footprint. With more employees working from home, corporate offices are being regularly linked to these hyper-connected and often poorly secured home networks. It is critical that we take a fresh look at how we’re protecting ourselves from the growing number of networks we interact with”, adds Maurya. He further says that given the rate at which technology is changing, users can no longer afford to simply load an antivirus tool onto their laptop and think they’re going to be protected. As users begin to use and interconnect more and more devices, and blend their personal, social, and work lives, security is increasingly important. “It is critical that users begin to develop a strategy now for learning, segmenting, and protecting their network, resources, data, and privacy”, viewed Maurya.
Given this context, Fortinet proposes three ways to secured home IoT networks
With the increasing number of portable IoT and other devices installed or used at home, it may be difficult to know exactly what is on the home network at any given time. Even harder is controlling what they’re allowed to do. There’re a number of security tools specifically designed for the home which can identify devices looking to connect to the Internet through WiFi network. Many of them can be easily configured to provide them with access to the guest network, while restricting and monitoring the kind of traffic they’re generating.
Before purchasing a device that wants to connect to the network, ask some questions. Not every device that wants to connect to the network needs to. Next, research these devices with an eye towards security. Many connected devices include vulnerable software or back doors that make them potential targets. And far too many of these devices cannot be hardened, patched, or updated.
Home owners can apply a simple network segmentation strategy in order to protect their resources.
• Buy separate wireless access points to separate things like gaming systems and IoT devices from PCs and laptops.
• Set up a wireless guest network for visitors or new devices. Most access points allow users to restrict access, set up things like firewalls, and monitor guest behaviour.
• Consider purchasing a separate, inexpensive device that is only used for sensitive tasks like online banking. Users could also set up a separate virtual device on their laptop or PC for banking online to protect their critical resources.
• Keep work and personal devices separated. Set up a separate connection for work, only connect through a VPN tunnel, and consider encrypting sensitive data traveling back and forth between home and corporate networks.
Home networks and devices tend to become infected because security is notoriously lax. Here are a few security tips for the home network:
• Keep a list of all the devices and critical applications on your network, including the manufacturer. Set up a weekly routine to check for updates for physical and virtual devices, operating systems, applications, and browsers.
• Get antivirus and anti-malware software, keep it updated, and run it regularly. Remember that no software is 100 percent effective, so set up a regular schedule, say once a month, where you use a second or third security solution to scan your device or network.
• Get a firewall. Most home security packages include a firewall option. Turn it on. Even the default settings are better than doing nothing.
• Use good password hygiene. Change the passwords every three to six months. One should use a password manager to store passwords. It is better to use different passwords for different kinds of things. This is advisable not to mix personal and work passwords.
• Password managers have been developed to help manage all passwords, and all one needs to keep track of is a single master password. This technology will also automatically create strong random passwords for each application one needs to access, and store them in an encrypted format.