How to be the Safest Cyber House on the Block

We believe that being safe at work starts by being safe at home.

Working with your workforce on securing their home and personal devices is, from a mindset, habit and practice perspective, just as crucial as maintaining cybersecurity policy compliance at work. If you are a company that values its employees and fosters a people-first culture, then investing time, budget, and effort into a comprehensive human risk management program that includes a "whole person" cyber strategy is essential. 

Here’s a fun and creative look at how to help employees make their homes the safest cyber house on the block.

1. Shared Devices

Home Habit to Work Habit: Creating separate user accounts on shared home devices translates to using individualized logins on shared workstations. This practice ensures that personal data remains private and reduces the risk of unauthorized access.

Risk Level: High - Not securing shared devices can lead to unauthorized access to sensitive information, which could result in data breaches or exposure of personal and professional data.

Awareness Ideas: 

• Create Separate User Accounts: Ensure each family member has their own user account on shared devices. This helps keep personal data private and can limit the impact if one account is compromised.
• Use Parental Controls: For families with children, setting up parental controls can help protect younger users from inappropriate content and restrict app purchases.

2. Personal/Home WiFi Setup

Home Habit to Work Habit: Using strong, unique passwords and updating router firmware at home parallels ensuring strong network security and regular updates for office WiFi. This protects both environments from unauthorized access and cyber threats.

Risk Level: High - Weak WiFi security can lead to unauthorized access, network intrusion, and data theft, jeopardizing both personal information and sensitive work data.

Awareness Ideas: 

• Strong, Unique Passwords: Change the default router password to a strong, unique password. Avoid using easily guessable information like your address or phone number.
• Network Segmentation: Create a guest network for visitors and keep your primary network for your personal devices. This prevents unauthorized access to your main network.
• Regular Updates: Keep your router’s firmware updated to protect against vulnerabilities.

3. Smart Devices (Dot, Alexa, etc.)

Home Habit to Work Habit: Securing smart home devices by changing default settings and passwords mirrors securing IoT devices in the workplace. Proper configuration and regular audits prevent unauthorized access and data leaks.

Risk Level: Medium - Poorly secured smart devices can be exploited for eavesdropping, data theft, or as entry points into larger networks, compromising both home and work environments.

Awareness Ideas: 

• Secure Configurations: Change default settings and passwords on all smart devices. Disable features you don’t use.
• Voice Command Safety: Be cautious with voice commands that can reveal personal information. Configure your devices to not activate with common phrases easily picked up in conversations.
• Regular Audits: Periodically review the apps and services linked to your smart devices and remove any that are no longer necessary.

• Internet of Things (IoT)

Home Habit to Work Habit: Keeping an inventory of connected devices and isolating them on separate networks at home translates to managing and segmenting IoT devices in the workplace. This limits exposure and potential entry points for attackers.

Risk Level: High - Unsecured IoT devices can be hijacked and used in larger cyber attacks, leading to significant security breaches and operational disruptions.

Awareness Ideas: 

• Device Management: Keep an inventory of all connected devices. Regularly check for firmware updates and apply them.
• Privacy Settings: Adjust privacy settings to limit data sharing with third parties. Understand what data is being collected and why.
• Isolation of Devices: Whenever possible, isolate IoT devices on a separate network from your primary devices.

5. Backup and Storage for Personal Use

Home Habit to Work Habit: Regularly backing up personal data and encrypting it mirrors the need for systematic data backups and encryption at work. This ensures data integrity and availability in case of hardware failure or cyber incidents.

Risk Level: Medium - Failure to back up and encrypt data can result in data loss or exposure, leading to significant personal and business repercussions, including loss of critical information and potential regulatory fines.

Awareness Ideas: 

• Regular Backups: Use both local (external hard drives) and cloud backups to ensure your data is protected. Schedule automatic backups to keep your information up to date.
• Encryption: Encrypt sensitive data both on your devices and in backups to add an extra layer of security.
• Access Controls: Ensure that backups are stored securely and that access is restricted to authorized users only.

6. Social Media and OSINT Safety

Home Habit to Work Habit: Practicing caution in sharing personal information on social media aligns with being careful about work-related posts. Both environments benefit from maintaining privacy and minimizing data exposure to potential attackers.

Risk Level: High - Oversharing on social media can lead to social engineering attacks, identity theft, and physical security risks, affecting both personal safety and corporate security.

Awareness Ideas: 

• Limit Oversharing: Avoid posting sensitive information such as your address, vacation plans, or specific details about your daily routine. Cybercriminals can use this information to target you.
• Privacy Settings: Regularly review and update the privacy settings on your social media accounts to control who can see your information.
• Awareness of Metadata: Be cautious about the metadata in the photos you post, which can include location data. Disable location services for your camera app if necessary.
• For companies that care about employees, fostering a people-first culture means showing that you care about their overall well-being, including their cybersecurity at home. By investing in comprehensive training and providing learning content, strategies, guides, and actionable tips, you empower your employees to protect themselves and their families. 

Remember, being safe at work starts by being safe at home. If you’re not regularly supporting your employees with personal cyber safety resources, you're not doing it right. Let us help you build a robust human risk management program that prioritizes the security of your entire community. Get in touch, and we'll show you how to create the safest cyber house on the block.