The continuing evolution of IoT is redefining the notion of cybersecurity. It’s not enough to protect a network computer or the network itself against unauthorized access or attack. Today, it’s essential to protect every internet-connected device — hardware, software and data — regardless of where it’s attached. That includes guarding information that can be used to create a cyberattack.
As consumers add more internet-connected devices to their home networks, it’s important that they, too, follow cybersecurity best practices. Dwellings — no matter if they are single-family homes, apartment complexes or community housing — store information such as sensitive personal data about residents that is valuable to data thieves. Residential areas, such as mailboxes, parking locations and service set identifiers, can be vulnerable to hacking as well.
A secure residential cybersecurity framework should address the following six personal data protection protocols.
Closely secure passwords. Once a password is cracked, that’s all a cybercriminal needs to gain access to your information. At a minimum, passwords should be at least 12 characters and include a mixture of numbers, symbols and letters. They should also not be a common word or combination of words. Passwords should not be composed of obvious substitution characters — for example, using a zero to replace the letter O.
Implement malware protection. Malware refers to any kind of malicious software originating from the internet, ranging from adware to dangerous ransomware. Both Microsoft and Apple have antivirus/antimalware tools built into their OSes that serve as an effective first line of defense against malware. More targeted antimalware software, designed to protect against more destructive ransomware, is also commercially available.
Protect privacy. Almost all apps, websites and online services host a trove of data about their users and are a gold mine for a cybercriminal. It takes time to secure your global digital footprint, but successful hacks, like the ones against Equifax and Capital One, illustrate the necessity of guarding your privacy. It is certainly difficult to protect sensitive information while conducting business in the digital economy. Still, be wary with whom you are sharing sensitive information, such as ZIP codes, addresses, mothers’ maiden names or bank account details.
Updating cookies can help protect privacy, too. Websites gather and store information about your browsing history through cookies, thus enabling sites to market products and services. Use a VPN to browse anonymously — VPNs encrypt traffic, and they offer the best online protection. Turn GPS off on your phone as well because some applications post your location. Autofill, while convenient, should be also deactivated. The feature is particularly vulnerable to breaches since the information used to complete forms is stored online.
Other steps to ensure personal data privacy include the following:
- Private browsing modes should be used when available, as they help keep the user anonymous online. Chrome’s Incognito function is an example of a good private browser, as is Tor. Ensure that online transactions are processed through HTTP Secure (HTTPS), as the protocol is the most secure way to send data between a browser and a web server. Websites that aren’t HTTPS-compatible could have malware installed on them and permit a hacker to gain access to the transmitted information.
- Set social media accounts to private to reduce the amount of publicly accessible data. With email, use caution when opening a message or clicking on embedded links. Doing so can activate a malware attack on your device, exploiting your personal information.
- Avoid using a hotspot or public Wi-Fi to access the internet. Public Wi-Fi has no encryption, potentially allowing anyone to read whatever data you are transmitting.
Stay up to date on computer security education. Understand the role security software plays in personal data protection. Ensure you download software updates and patches designed to protect your home devices from security vulnerabilities. Education and awareness training will help consumers keep their systems safe from phishing, social engineering attacks and other online scams used by cybercriminals to steal information.
Implement mobile protection. There are just as many threats on mobile devices as there are with desktop or laptop computers, especially as more of our personal data is stored on these devices. Some tips to keep in mind: Avoid public Wi-Fi, as it is one of the biggest attack vectors for all types of mobile devices. Use biometrics — face, fingerprint or voice — to enable access; these are the best alternatives for passwords on mobile devices. Do not use potentially dangerous apps as they are one of the fastest growing threats to mobile devices. In one year, Google caught more than 700,000 malicious apps in its Play Store. Finally, enable remote lock and data wipes. This is one of the most important tools you can use to protect your device if it is lost or stolen.
Conduct risk assessments and determine vulnerabilities. Every personal device that is used or owned by someone living in any residence is susceptible to a cyberattack, so a risk assessment should be performed on each device to determine its vulnerability. Users shouldn’t download software or apps from an unknown or untrusted source, even if they look legitimate. Users should also reduce the number of programs on a device to a minimum and delete those that aren’t in use. Update all software regularly to avoid security issues, and employ supplemental software, such as antivirus, antispyware, email encryption and a password manager.