Home Camera Settings 7 network security myths that make you less secure

7 network security myths that make you less secure

7
0


The speed at which the tech world moves often means that what was true isn’t true by the time you hear about it, and that’s a problem when it comes to security. And when that security keeps your home network safe, any outdated information passed into mythology isn’t just a problem, but actively working against your interests.

It’s one thing to repeat fairytales about Ethernet cables until you’re blue in the face, or PC performance platitudes that no longer apply, but at least those only limit the performance of the devices you’re using. Network security myths are more insidious, as they make you feel like you’re being secure when, in reality, they are enabling any attackers who might happen to glance in your direction. Whether you think you’re too small to matter or that securing your network will be expensive, I’m here to bury some of these ill-conceived notions once and for all.

Related

Should you wire your entire house, or use a mesh network?

If you need network coverage throughout the whole house, a mesh system is an easy solution, but running Ethernet can give you better performance

7

A single device can secure your network

You need a layered approach to network security instead

Like physical security for your home, network security is best done in layers, because no single security device will secure your entire network forever. There are too many ways a network can be attacked for a single point of failure to be effective. Think about it. Your home has lock(s), alarms, possibly cameras, and other security devices to deter, slow, or deny anyone trying to break in.

Your network is no different. It could consist of access control for individual devices, a hardware firewall, intrusion detection or prevention systems, device isolation with a zero-trust model, monitoring software, antivirus and anti-malware software, and more. With more layers for any attack to be successful, the hope is that all but the most determined attacker will decide you’re not worth the time and move on to easier targets.

Related

6 overlooked router settings that can improve your network security

You can make your home network much more secure with a few changes.

6

You’re too small to target

Sorry, security through obscurity doesn’t work when bank details are involved

A controller placed atop a NAS

Whether you’re a multinational company or a single household with a centralized NAS, data is cash money to cybercriminals, and nobody is safe. In some ways, home users are more of an enticing prospect, because you don’t have a team of security professionals keeping your home network secure. Things like banking details are always a target, but even siphoning off personal data to sell on the dark web is enough of a financial incentive to hack your network. This is why it’s essential to keep on top of security updates, because any low-hanging fruit that they can pluck will get plucked.

Related

Cybercriminals can now clone any legitimate website, and it’s pretty terrifying

Keep an eye out for phishing attacks.

5

Attacks only come from outside the network

The call is (sometimes) coming from inside the house

TP-Link - Kasa Smart Wi-Fi Plug Mini with Homekit - White

Your router or internet gateway isn’t the most common attack vector anymore. Sure, attackers always scan the internet with automated tools to find IP addresses and open ports, but not every attack comes from outside your network. IoT and other smart home devices are favorite targets to take over, and sit dormant until needed. So are routers and NAS devices, which get infected with malware that sometimes exfiltrates your personal data, but often sits and waits. When the attacker needs lots of packets to do huge DDoS attacks, those zombie devices come to life and flood the target.

That’s one good reason for using VLANs to segregate your smart home stuff, but security appliances like hardware firewalls on your network should look for unusual traffic going out of your network and guard against traffic trying to get in. Especially with how firewalls and things like UPnP work, irregular data packets leaving your network might be more trouble than those testing your security from outside.

Related

10 ways to make your home network more resilient to outages

Nobody likes having their home network offline, especially if they work from home.

4

Software and firmware updates are optional

Please, for the love of everything holy, update your network devices

Screenshot of FreshTomato custom firmware on ASUS RT-AC66U router

This one will be hard for many of you to hear, because it’s old advice that deserves to be left in the last century. While I’m not saying “update before you read the patch notes,” I am absolutely saying that firmware and BIOS updates are no longer optional, and that goes for any network security software updates as well.

These critical updates fix bugs and other issues that attackers are exploiting. By the time network security bugs are public knowledge, not only are they being used against networks, but the companies involved are working on fixing them, and usually, the fix is done before public disclosure. Update your networking stuff, but please back up your configurations before you do, just in case.

Related

How to update your router firmware

Your router acts as your first line of antivirus defense

3

Security is expensive

You’d be surprised how affordable enterprise-level security is

Adding firewall NAT outbound rule on pfSense

Network security appliances used to fall into two camps: affordable consumer devices with little security, and enterprise devices that are expensive and come with subscription fees. That’s changed drastically in the last few years, and consumer firewalls are affordable, high-quality, and easy to use. But you don’t even have to buy more hardware to secure your network, as you can host the firewall software on an old PC, or even in a virtual machine, so it’s always there and can secure your network while scanning for intruders.

Related

I’ve tried countless solutions, and I keep returning to this self-hosted firewall

OPNsense is a great foundation for a stable firewall.

2

Once secure, always secure

Your network security solutions need to evolve over time

closeup of firewalla gold pro

Network security is always about trade-offs, but one thing is true: The things that secure your network today aren’t necessarily the things that will secure it in a year, let alone five or more. New exploits are always being found, and hopefully patched. Many wireless protocols were thought to be secure until a proof of attack was figured out, and attackers are getting better and more sophisticated all the time.

That means your thought process towards network security needs to be fluid, with regular check-ins to see if anything major has been discovered, or if new, more secure protocols have been invented. It’s a game of cat and mouse between attackers and defenders, and your security is only as good as the last exploit.

Related

6 overlooked security practices I implemented at home and I regret not using sooner

Check out these security practices you aren’t using at home. I wish I engaged them sooner.

1

A Wi-Fi password means your network is secure

Never assume that your Wi-Fi network is unassailable

Password-protecting your Wi-Fi network is an important step towards network security, but it’s not the only thing you should be doing. Your network should be using WPA2 or WPA3 because every other algorithm can be cracked in minutes, and that goes for WPS, too, if your router has that button on it. You should have already changed the Wi-Fi password from the default setting, because that’s often generated from the SSID, because router manufacturers are lazy, and there are plenty of online resources to discover the default password.

Adding devices to your Wi-Fi also means more places for potential security issues, and anyone with your password can potentially see the data traveling around your Wi-Fi. Set up a guest network for any visitors, and change the guest password when they leave so that they can’t see your main network at all.

Related

6 tips to securely share guest Wi-Fi with friends

Make guest access easy backed by robust security

Network security is ever-evolving and there will be more myths to bust in the future

The internet isn’t going away and neither is the number of threats that could be trying to get onto your home network. You can’t assume that what is secure now will always be, and you also can’t assume that every device you add to your network will be safe either. Only by proactively auditing your network for insecurities can you be sure that your data is safe, and that includes safe browsing habits.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here