31 August 2017
The problem with home technology is that it is increasingly complex and someone who does not work in the industry just can not keep up. The average home of three residents may have a dozen Internet aware devices from PC to laptop to tablet to Fitbit and all the other Internet of Things devices.
All of these connect to the Internet by way of a router and that is the first, most likely, security failure in a home netwok.
- Buying a cheap router is the first problem that homeowners run into. This is the single most vital piece of networking equipment for a home and is an incredibly complex piece of electronics. Spending the money for a good system is worth it. In addition to higher performance and better reliability, the more expensive routers offer a much higher level of security.
- Router set up. Three elements are critical and the most basic.
- First and foremost is to update the firmware. Since the average homeowner does not know that firmware exists this step is usually skipped. The vendor nearly always provides increased security and performance updates after manufacturing. These are released through software (aka firmware) upgrades to the operating system of the hardware. Since they have to downloaded and installed in steps specific to that model of router it is a sufficiently geeky process that most non-technical people will just give up.
- Change the default password to access the router. This is so critical and so frequently neglected that it is included as a HIPAA requirement for medical businesses and is nearly always forgotten by non-technical users who just want to get online. The default password for any given router can easily be found on the Internet.
- Solid wireless password. Easy to remember, easy to enter into phone and Fitbit but sufficiently complex to be difficult to guess. Password123 is not a good choice. There was a case in Florida where someone on a boat was trading child pornography on his computer using the unsecured wireless signal of a local apartment. The police initially arrested the apartment owner before figuring out the actual origin of the porn.
- Pay the money to have a professional set up your system. If this is done correctly it is a one-time cost. Having someone who understands how routers interact with your network is well worth the expense and having them document the settings and security is invaluable.
After securing the network, the next most frequent problem we see is a combination of poor password control and the habit of clicking on unknown (and sometimes even known) email links.
The time has long passed where simple reused passwords are viable on the Internet. Anything other than a complex password like Et35FL!#Hk is too easily hacked. If the password is used more than once then multiple accounts will be compromised with a single hack. We still see this and have recommended on numerous occasions password managers like Roboform, Lastpass, Fastlane, or the like.
Next on the list is just exercising common sense. Links like “Your UPS package has been delayed, click here for information” are just invitations to disaster. This is entirely a social engineering problem that has been around since before the days of the traveling medicine show. No amount of secure technology can defeat a user determined to circumvent it.
And finally what we are seeing more of in recent history is our customers connecting to web sites that have not maintained their security. Accessing the site results in a pop up page that locks the computer and says something like “We noted a problem with your PC. As a Microsoft Certified information technology company we monitor PC’s and offer repairs when we see they are in trouble. We believe your PC has a virus but do not worry, we can help! Give us a call at………………..”. Of course the customer calls, gives up their credit card to fix a non-existent problem and down the rabbit hole they go. The best metaphor I can come up with is that of driving into a shopping center parking lot and having some random stranger say they hear a problem with your car and if you give them some money they will fix it right now. Once under the hood things rapidly become worse but are still fixable for a price. While not too many people would fall for the car scenario they will give a stranger money and access to their PC without question.
All of the above can be avoided by having a relationship with a local computer company. We help residential customers in such situations every day. The smartest ones realize that a small investment up front will prevent a huge cost and a lot of heartache on the back end.
Give us a call at 512-931-4134 and we’ll tell you how to keep your family technology out of trouble.