One of the things I have advocated for the past few years, and I talked about it yesterday in my blog, is the concept of overwhelming bandwidth issues for home networks. Most home networks were designed piecemeal, literally built from an ISP router outward. You may have added extenders for your network; you may not have. But at the very least you have that ISP router, which may not have been updated since you got it, and one, if not two, Wi-Fi networks.
I highly recommend two things.
1. Get a separate router for your IoT Wi-Fi network. Why? Because you can control that second router. The best way to secure a device you aren’t using IS TO TURN IT OFF. The best way to break the hold of a hacker on your devices is TO TURN OFF THE Wi-Fi. If the device and the Wi-Fi turn back on, and you didn’t do it, then you know to unplug devices and begin the testing process.
2. Use easy-to-remember pass phrases that meet the security rules: pass phrases that substitute symbols for letters. I@MWORKING!ONMYNETWORK is a great pass phrase. It is also something you can say to people as you are watching football. Although I will warn you: if you keep using the excuse, your family will figure it out.
Security has to be simple, not hard; otherwise people won’t do it. I started out in the IT world as people were first introduced to the concepts of passwords. People didn’t often change their passwords, so we (the IT leadership team where I worked) decided we would force password changes. The first time, we did it manually, resetting all the passwords on our Novell server. That wasn’t well received, so we ended up using the automated system going forward, allowing people to change their passwords 10 days before, 5 days before and so on. We still ended up with a number of people calling our help line because they hadn’t reset their password.
In fact, there was a time when more than 80% of the calls we got on the help line were for resetting passwords. That number dropped, but stayed somewhat high. People have two issues with passwords. The first is they forget them. The second is they forget to change them!
The reality of IoT security, home network security and mobile security is the reality of setting passcodes and remembering them. Changing the PIN on your ATM card and having different codes for different types of information are all things you need to focus on and do.
Yesterday there was an announcement that Yahoo has suffered a massive breach, with more than 1 billion email accounts potentially hacked. The reality of Yahoo, Hotmail and Gmail is the password risk. Rotating your passwords and using different pass phrases will reduce your risk. There is no way to guarantee that you won’t get hacked, but at least you can reduce your surface area.
Just as a reminder, there are more than 12 billion IoT devices deployed today. Many of them are sitting in people’s homes. From cell phones to Kindles, there is risk. From phishing to other email and web attacks, the number of risks is growing.
Luckily, there is an easy button for security. Use pass phrases that make sense to you. Use different ones for different accounts. Make sure you can remember them without writing them down. Writing down a password is the same as sharing it with the world. Yes, it helps you remember, but it also makes it possible for someone to get the information. Don’t write down your password. My father used to say, "Lock the gate." I would ask why, and he would say, "Because it keeps honest people honest." Have passcodes, use them, change them and, most importantly, make them something you know and someone else would never guess.
I@Mworkingon!mynetwork is not my pass phrase, but you get the concept and idea from the phrase! Make it something that you remember!