Last week we kicked off the Cybersecurity and Infrastructure Agency’s (CISA) Cybersecurity Awareness Month with a post called If You Connect It, Protect It. Check it out for a quick read on the importance of securing every connected device—no matter how insignificant it might seem.
Cruising into week two we’ll shift our focus to look at how critical it is to protect not only the devices your business depends on, but the ones you keep in your home.
So Many Devices to Secure
Statista projects that there will be 21.5 billion connected devices worldwide by the year 2025. Based on population growth projections that totals out to around 2.5 devices for every single human on the planet in 2025. That’s a lot of stuff to secure!
In terms of household devices, the average US household already has 11 connected devices, with 5G projected to increase that number.
Meanwhile, 59% of businesses allow their employees to use their personal devices for work purposes in addition to the many devices businesses already depend on. The bring your own device (BYOD) market itself is on track to hit $367 billion by 2022.
And with this year’s concerns around COVID-19, there are now more employees working remotely, blurring the lines between work data, personal data, and all the devices that create, store, and move data around.
Luckily, there are some simple steps you can take to secure devices whether they’re built for business or home.
Securing Your Devices at Home
We explored the many devices you should secure in our last post. Now we’ll look at three steps you can take to keep those devices secure.
Improve Your Device Passwords
Most devices give you the option to create a password. First, be sure you’re updating factory-default device passwords. Wi-Fi routers in particular usually have a default password. Next, be sure that you’re using a complex, secure password on every device and for every app you use. Last, if you have the option for a pin, two-factor authentication or other security feature on your smartphone, tablet, or wearable, it’s wise to add that as well.
Update App Permissions
Most apps require access to information on your device in order to perform various functions. But some overstep their bounds by collecting personal information that can put your identity and privacy at risk. To update these permissions, check the privacy settings on your device as well as the individual app settings. That’s where you should be able to modify the types of information an app can access on your device.
Protect Your Network
Internet-connected devices often connect through a single router. In addition to using a secure Wi-Fi password, many people will set up a dedicated network for mobile devices, enable firewalls, and even set up a virtual private network (VPN) in order to keep their browsing private and secure.
Ironclad Security at Work
Covering every piece of a business’s cybersecurity plan is beyond the scope of this post, but here are three steps that you could easily skip when it comes to cybersecurity at work—but shouldn’t.
Since updates can require planned downtime or additional effort, some admins skip them. But one of the best ways to keep information secure in any business is to keep systems up to date. Many patches and updates contain security fixes that address vulnerabilities. Rather than risk it, it’s best to update systems as soon as possible.
Implement a Disaster Recovery Plan
There are backups, then there’s disaster recovery (DR). A good DR plan will keep data safe from ransomware, end-user deletions, or hardware failure. Since disaster recovery plans focus on backup and swift recovery, your DR plan will also help reduce the cost of downtime. Check out StorageCraft’s suite of products if you need a solid DR solution.
Educate End Users
Your users don’t know what they don’t know. That’s why no comprehensive cybersecurity plan is complete without a curriculum for educating them. From ransomware to phishing and social engineering, there’s a growing list of risks out there. You must help users do their jobs safely, and when it comes to security, knowledge is power.
Keeping Work Data on Work Devices
Though the lines between work and home are blurring, it’s still best to keep personal information on personal devices and work information on work devices. It’s tempting to let data flow freely between them, but a better approach is to keep data segregated and secure in its own ecosystem. That way there’s less of a chance that data falls into the wrong hands by ending up in a less secure application, like inside a personal email client or cloud storage.
In our next post for Cybersecurity Month, we’ll focus on securing internet-connected devices in healthcare.