Crime is an inevitable part of contemporary society. It comes in various forms, from the traditional house-breaks to the modern-day cyber attacks. The rising unemployment rates and declining security budgets constitute a deadly recipe for an uptick in both online and offline crime. Securing the physical home, home network and home computer could not have been a more pressing need than at the current juncture.
Securing the Home
It is easy to turn the home into a stealthy cyber-fortress in our hyper-technological times. Today’s technology can provide security without turning the home into a prison. Shutterworld is an Australian security company which has been securing Australian homes in the past 2 decades by installing window and door security shutters. The little shields indicating that a property is protected by a home security system have become so commonplace that most of us fail to notice them anymore.
Prospective burglars can be deterred by basic measures such as installation of double-cylinder deadlocks on external doors, window locks on windows and deadlocking locks on security screen doors. Unnecessary attention on the house in one’s absence can be pre-empted by suspending newspaper and other deliveries that would otherwise be littering on the front door of the house. Parking a car in the driveway and setting timers on house lights can project a welcome sense of occupancy. Hiring a lawn care company and arranging snow-shoveling during winter can also keep the house breakers at bay.
Securing the Home Wireless Network
We tend to install a wireless router and forget about it. The internet router is one of the most crucial devices in our homes and a gateway to our internet access, and securing it from cybercriminals should be a top-most priority of one and all.
Renaming the Network
The first step in wireless home network security is to change its name or the SSID (Service Set Identifier). A change in the Wi-Fi’s default name would make it difficult for malicious attackers to identify the router and zero in on vulnerabilities.
Setting a Strong Password
Every wireless router comes with a pre-set username and password to install and connect the router for the very first time. This password can be easily guessed if the manufacturer is known. It is therefore crucial to change the password and keep hackers at bay.
Activating Network Encryption
Wireless networks come with multiple encryption languages such as WEP, WPA and WPA2. WPA2 or Wi-Fi Protected Access 2 is the current standard security protocol. Given the imperatives of security, all Wi-Fi certified products should use WPA2 security and activate their network security.
Securing the Home Computer
The operating system and supporting programs, such as the browser, email client and antivirus applications should be constantly updated with latest patches and upgrades in order to secure the home computer against existing and upcoming security threats.
Installing Anti-Virus
Anti-virus softwares are a must and there are a vast array to choose, ranging from Bitdefender and AVG to Kaspersky and Norton. A person averse to splurging on anti-virus softwares could activate the Windows Defender software that accompanies Windows 10. The jury is still out on whether antivirus softwares are necessary for the Mac OS, but there is no doubt that viruses lurk in every corner of the internet underbelly.
Setting up VPN
VPN (Virtual Private Network) software is indispensible while working on a public Wi-Fi. It also has its utility at home, encrypting the data flowing between computers and making it difficult for websites, ISPs and governments to log into an individual’s personal online activities.
Creating a User Account
Every computer user should have a user account, even if he happens to be the sole user of a computer, as an account helps in protecting against computer hackers. A username and a password in Windows or macOS could well be the last line of defence against marauding invaders, especially when the browser automatically logs you into a bunch of sites.
Securing the Internet of Things
There are countless Internet of Things (IoT) devices, including internet-enabled television sets, internet-enabled appliances and temperature control systems, in each modern home. When unsecured, these systems open themselves to attacks by hackers and other intruders intent on installing ransomware, invading personal privacy and assuming control of a device.
Smart devices should only be purchased from reputable vendors. And these devices should be secured by keeping the software updated, using appropriate filters and firewalls, avoiding phishing scams and deploying a second layer of password protection.
Securing the Software Development Process
Process Monitoring
The software development process can go haywire despite the best planning, which is why proactive monitoring is an absolute necessity. Policies on firewall and in the application should monitor sensitive patterns and detect anomalies, if any.
Threat Modeling
Security should not be a one-time function, but should be factored into the entire software development process by means of project-based threat modeling. Threat modeling is a procedure for optimizing security by identifying vulnerabilities and defining suitable counter-measures.
Resource Allocation
Resources are limited and knowing where to focus is of utmost importance. Application risk assessments and threat modeling would assist in understanding risks and using the available resources in an appropriate manner.
Security
Security should be embedded into every software development process through means such as automating the scanning of docker images for security gaps and vulnerabilities. An effective way to embed security into software is to initiate security on boot-up. A device or software, when restarted, initiates a series of boot tests to ensure the authenticity of software and determine any incremental changes.
To conclude, offline and online security is about owning up personal responsibility at the end of the day. The best police force and cyber-security professionals in the world would be rendered ineffective by an irresponsible house owner or a computer user who inadvertently provides free access to a cyber attacker on the prowl.