Securing yourself during Christmas (and the rest of the year)

Securing yourself during Christmas (and the rest of the year)

We are always at risk of being hacked, but Christmas is the high season for malicious actors looking to take advantage of people. I've taken steps to secure myself to the best of my ability and I'll now share some of them with you.

Password manager and MFA

I've been using the 1password password manager for the past 7 years and can tell you it's quite intuitive and easy to use at this point. I share a family license with my wife, and we can share passwords in a shared vault and keep our own passwords in separate vaults. 1Password can generate passwords for you, keep track of leaked passwords and warn you if any of your own passwords has been detected in known leaks. If your passwords are weak, you will be advised to change them.

1Password makes you aware of your password strength

1Password is also able to keep track of multi-factor authentication and can set up and autofill codes for you, which is super helpful!

Securing my smart home

I'm an avid user of smart home devices and gadgets. You might have heard that IoT devices have terrible security and can be an entry point into your network. Some might think: "ahh, doesn't matter, there is nothing of interest on my WiFi". The issue, however, is if your computer, server, or even router is not properly secure - attackers can do substantial damage if they're able to compromise your devices.

You can take several steps to secure your smart home, varying in complexity. If you're tech-savvy I'd recommend doing everything, if not, the more you can manage, the better.

1. Strong password on your WiFi network

Set a strong password on your WiFi. Ideally, something generated by your password manager. If you'd like a password that is easy to remember, use four or more random words like gale-micah-soggy-hemline (Do not use this).

Depending on your router, you can change your WiFi password in the router's app or by going to your router's webserver. Refer to the user manual.

2. Strong password on the router's administrator interface

Routers come with an administrator interface that can be used to administer router settings and networks. With newer routers, this is usually done with an app provided by the manufacturer, while older routers are managed via their webserver. Refer to the user manual if you're uncertain.

Make sure the account to administer the router settings has a strong password. Routers often come with a default username and password of admin:admin which is not secure.

3. Separate network for your IoT devices

Put all of your WiFi-enabled IoT devices on their own separate WiFi network. By banishing your possibly vulnerable smart devices to their own designated network, you can safeguard your main network against IoT threats.

Many modern routers allow you to create multiple networks or guest networks. If your router does not offer this feature, consider getting a new router.

4. Separate network for your guests

This might seem harsh, but just like humans, computers and phones can carry viruses. If your guests bring a 'sick' computer onto your network, it opens your devices to potential threats.

5. Keep your devices up to date

IoT suppliers do not issue updates for fun, a lot of updates contain patches for discovered vulnerabilities. If your router, access point, or fancy RGB lightbulb was last updated in 2019 it might be time for an update.

6. Use a firewall

More advanced routers may have integrated firewalls offering IDS/IPS capabilities. Intrusion Detection Systems (IDS) monitor your network(s) for malicious activity and alert you if anything is detected. Intrusion Prevention Systems (IPS) take action to prevent malicious activity on your network. Ubiquity has powerful routers offering this functionality.

You can also deploy your own firewall, but that is beyond the scope of this post.

Are you done yet?

Yes, following these steps are by no means a guarantee that you won't be hacked. The idea is to put as many hurdles between the burglar and your valuables (imagine the Home Alone movies). Skilled and motivated hackers might be able to find their way into your network and devices anyways, all we can do is make it hard enough so that they give up along the way.

You can take even further steps to secure yourself, this is just a starting point for most people. I will continue to share tips to further strengthen your own and your company's security posture. What's next? Tinfoil hats? 🤔