With all of the media attention on massive data breaches and ransomware attacks, there has never been a better time to focus on our own home systems and networks. In this article, we will lay out six ways the every day person can improve their cyber security posture and potentially thwart a cyber security incident.

Tip #1 - Invest in Backup Software

Ransomware is one of the most difficult threats to overcome presently online today. As we articulated in our last article, the means to mitigate the damage in many cases are very limited. If the Ransomware is coded well, the only realistic means of recovering your data without rolling the dice on paying the ransom (which despite some contradiction you may find online, we still do NOT recommend doing) are through backups. Most businesses have some form of backup software running and I cannot recommend backing up your home data in the same manner enough. Essentially, you are investing in insurance for your online data which usually includes anything from family photos to critical work presentations. My personal recommendation is Acronis Backup as it not only segregates your data but can even detect and stop Ransomware that executes on the network. If you take nothing else from this post, invest in something to backup your data. If you somehow get a Ransomware attack on your home network, this may be the only way to protect your data.

Tip #2 - Do not click on links in Email

The most common way criminals attempt to steal passwords and send malware world wide is through Email. Links in emails are one of the ways criminal organizations send malicious payloads or harvest credentials. There is just no reason to ever click a link in an email. Even if you believe a link comes to you and you feel it's safe, it is still much safer to simply open a web browser and retype that link yourself. Phishing emails are notorious for obfuscating the link they send to you in the hopes that you click it. If you are even the slightest bit suspicious of an email link, do not click it. Ever.

Tip #3 - Do not use open Wifi

Open WiFi networks are super easy to use and convenient for most of us who find ourselves traveling from hotel to hotel or airport to airport. It may seem like a good idea to jump on the airport WiFi while stuck in a layover or sitting in a Hotel late at night but this is not a great idea. Despite warnings for years, there are wireless networks that are being used in major hotels and airports worldwide that fail the most basic of security parameters. Some are just completely wide open with no encryption on the data. This means a malicious attacker could have free reign over that network. From setting up rogue access points that send unsuspecting targets to fake websites to quietly capturing all the network traffic in the hopes of stealing a password criminals can use open WiFi networks in a multitude of ways that an end user may never know. Just last year, I spent a week in a multi million dollar four star resort in a major tourist heavy location and that resort had an open wireless network with its wireless controller on the same subnet as the guest network (an abject failure of network segmentation). The bottom line is that if you choose to log into an open wireless network, you are taking a huge risk and you may never know the damage done. If you absolutely have to use a wireless network, use your phone or leverage that phone as a hotspot. This introduces far less risk to your devices.

Tip #4 - Use Endpoint Security Software on your devices

This seems really basic but the debate upon this topic has raged for several years now. For reference, Endpoint Security is generally known as antivirus to most people reading this article. For many years, the debate was between a paid Endpoint Security solution versus Windows Defender for Windows users. While I can say that Windows Defender has made significant progress over the years, it is not a replacement for a good, solid Endpoint Security Software package. Ransomware is simply too big of a threat to rely on Windows Defender to prevent and many of the newer strains Windows Defender does not prevent. My recommendation is Bit Defender but there are are positives and negatives to each of the Endpoint Security software packages available. Choose a reliable vendor but keep your at risk devices up to date with a good ES Software package.

Tip #5 - Do not reuse the same password over and over

Passwords are a disaster of a topic that is worthy of its own article but for this section, I want to focus on the redundancy factor of passwords. Given all of the massive data breaches over the course of the last ~10 years, there is a high degree of professional certainty that one or more of the passwords you use have been exposed by one of these breaches. If criminals are able to harvest one of your passwords from one of these

breaches, they will test it elsewhere. So if you use the same password for your online banking, your Facebook, your Pinterest, doesn't matter. That breach has systematically compromised everything you do online. Passwords suck; we know this. More elegant solutions are coming but for now the best practice is to use different passwords for different accounts and keep them complex (at least 10 characters with a special character at the minimum). Doing this keeps the inevitable breach damage to a minimum and forces only one password change instead of potentially dozens.

Tip #6 - Use a VPN for connections

VPN Stands for Virtual Private Network and it is a way to encrypt and protect connections over the internet. This prevents ISPs or other entities from tracking your connection or viewing packets over the web. This is a good response to open wireless networks previously mentioned. The big caveat I will say with VPN services is that most of the ones that advertise are hosted overseas. For example, NordVPN is based in Panama. IPredator is based in Sweden. The host country could cause issues if the laws in that country contradict the privacy a VPN is designed to provide. VPNs are outright banned in places like Russia and China because it has the potential to circumvent the governments ability to monitor its citizens. It is highly recommended to find a good VPN that you feel comfortable with if this appeals to you but be aware of the potential consequences from a political perspective.

What concerns do you have about your home cyber security? What other tips can you provide folks that are not mentioned here? (Hint: There are many, many more I did not touch upon here). Feel free to comment below!