We’re all concerned with our home’s physical security, but so often we forget to pay the same amount of attention to our digital security. However, leaving your home’s digital entry points open is like leaving your front door wide open—just as you would secure the doors and windows of your home, you should secure your digital doors and windows as well.

Router

• Don’t ignore your router. We tend to get a router from our internet provider, hide it in a closet or under a bed, and then forget about it. Your router provides important services—it connects your digital home to the internet and determines the digital security of your home. Making changes to your router is an important step toward protecting your digital home.
  • Change default user names and passwords. There are two sets of IDs and passwords: one for the router (the user name) and one (called SSID) for the network. Create two unique sets of user names and passwords that do not contain your name or address. Use a passphrase that is at least 15 characters long.
  • Confirm your router uses WPA2 encryption. Routers can use three types of encryption, and WPA2 is the most secure, and has not yet been cracked by cyber criminals. If you use encryption that is not WPA2, a hacker could easily eavesdrop on your internet traffic.
  • If your router is more than three years old, get a new one. Just like all technology, routers get outdated and no longer support critical security features. It is usually cheaper to buy a new router than to fix an old one. Remove any stickers and papers from the shipping box before throwing it out. Shipping materials often contain your name, address, router name, and password.
  • Check your internet provider’s website for guidance on making changes to your router. Alternatively, you can call customer service, and they can walk you through the steps.
• Create separate wi-fi networks.
  • Create a guest network for people who do not live in your home. If someone brings an infected device into your home, a separate network can prevent it from infecting all the devices connected to your home network.
  • Periodically sign into your internet provider’s website to audit what devices are connected to your wi-fi. If you suspect that an unauthorized device is using your wi-fi, change your router’s SSID password immediately and contact an information security professional.

Home Computer

• Strengthen your home computer’s security.
  • Run critical security patches as soon as possible to fix bugs and keep your computer secure. When bugs and their fixes are announced, hackers will move to exploit the bugs immediately. Installing security patches will help prevent hackers from attacking you.
  • Set your computer’s security settings as high as possible, especially if you use your computer outside your home. Your computer has separate security settings depending on whether you are on your home network or on a public network. When connecting to a new network, you’ll be asked whether it is a home or public network. Choosing “home network” disables most security features. If you are in public and you choose “home network,” you might open your computer to attacks. Always choose “public network” outside your home.
  • While it’s essential to keep the computer’s antivirus and firewall programs up to date, they will not protect you from recent malware. Most antivirus programs are only 20%–40% effective, and most newer viruses have been designed to get past detection. Instead of purchasing a commercial antivirus program, make sure your computer’s critical security patches are installed as soon as they are available. Turn off your computer at least once a week to allow updates and patches to run.
  • Your best antivirus defense is to avoid falling for a phishing email. If you click on a link or open an attachment in a suspicious email, you could inadvertently download malware onto your computer and allow cyber criminals access to your digital life.
• Separate computers, separate functions.
  • Be wary of using one home computer for everything. Downloading games, music, and movies from unauthorized sites could infect your computer with a virus. If you have children, use a separate computer for gaming.
  • Consider purchasing a tablet to be used for banking purposes only. Keeping your finances separate will help keep them secure.
• Lock down your hard drive.
  • Create a computer password, and add passwords to documents with sensitive, personal, or financial information. Use a long passphrase that has at least 15 characters.
  • Turn on the encryption for your hard drive. If your computer is stolen or lost, criminals will not be able to access your files if they do not have your computer password.
• Avoid the unknown.
  • Do not plug in flash drives unless you know the source and are sure that they are free of viruses.
  • Do not connect to unknown, free, or public wi-fi.
  • Do not click on links or open attachments in emails you didn’t expect without confirming the email’s authenticity.
  • Do not download games, movies, TV shows, or music from unauthorized sources or peer-to-peer networks.
  • Cover your computer’s camera to prevent cyber criminals from possibly spying on you.

Internet of Things Devices

• Multiple devices pose multiple risks.
  • An Internet of Things (IoT) device is a “smart” device that connects to the internet, has a memory, and communicates data. These devices have infiltrated many areas of our lives: cars, medical devices, refrigerators, TVs, security systems, baby monitors, activity monitors, and much more.
  • These devices might not look like computers, but they are. Just like any computer, they need to be password-protected, have a secure connection to the internet, and receive updates.  
• Security concerns.
  • Many IoT devices are designed to be convenient, cool additions to your life. Others are lifesaving and medically necessary. Whatever the purpose of the device, make sure it has high security standards. Sometimes devices are rushed to market, with security an afterthought.
  • Unfortunately, the old adage “you get what you pay for” is often true—the cheaper the device, the less likely it is that it has high security standards.
  • Do not buy a device that does not have a password or has a default password that cannot be changed. For each device, create a long, unique password that totals more than 15 characters.
  • If the device is more than a few years old, consider buying a new one. After a few years, the device’s technology could be outdated and may not support critical security standards.

• Before you purchase a device:
  • Do your research. Read user reviews and decide if you want to wait until the initial kinks have been fixed. Buy a new device, not one that is used or second-hand.
  • Read the privacy policy. Understand what type of information the company is collecting about you and how they will manage it. Find out if they will sell your information to other vendors.
  • Find out what type of security and encryption the device uses to decide how well your privacy and security are protected.
• After you purchase a device:
  • Only turn on the device when you need it. If the device has a microphone, hackers could turn it on remotely and listen to your conversations from anywhere in the world.
  • Make sure that the device’s security patches are up to date. Check for upgrades on the device website, confirming it has the latest software version.
  • Keep an inventory of all devices. Note each device’s manufacturer, year of purchase, version, and purpose.
• Keep informed about the manufacturer:
  • If you learn from the news that the manufacturer of a device in your home was hacked, change the device’s password immediately.
  • Be wary of emails from the manufacturer that ask you click on a link to run an update. Instead, open a new browser and navigate to the manufacturer’s website to confirm if an update is needed. If an update is required, run the update directly from the website.