How 4 of the CIS Controls Can Help Secure Your Home Network

Facing everything from viruses to malware, home and personal networks can be just as vulnerable to cyber crime as organizational systems. We spoke with cyber experts at CIS to learn what steps they take and which of CIS Controls v7.1 they implement to practice cyber safety at home. Here are eight tips to help you protect your home network from cyber threats:

1. Count your devices

Do you have a drawer of old cell phones? A rarely-used tablet lying around the house? CIS Control 1 reminds you that by counting your devices, you’ll have a better idea of where your data resides and how to keep it secure. After all, it’s hard to protect something if you don’t know it exists. Be sure to include printers, mobile devices, and GPS units – anything that connects via wi-fi or Bluetooth. If you want to get rid of old devices, be sure to dispose of (or recycle!) them properly by removing all personally identifiable information (PII) from the hard drive.

2. Inventory all software & apps

CIS Control 2 advises you to familiarize yourself with the applications and software installed on each device in your household. Uninstall any unused or no-longer-needed programs to help reduce your threat surface. Ensure each application you want to keep is up-to-date with the latest security patches.

3. Run anti-malware/anti-virus

Every desktop and laptop computer in your household should have a strong anti-malware / anti-virus program installed. CIS Control 8 highlights how these programs help protect against common vulnerabilities and known cyber attacks. Be sure to run your anti-malware / anti-virus application regularly. Most programs allow you to auto-schedule security checks on a timely basis.
Download the CIS Controls Telework and Small Office Network Security Guide

4. Auto-update when possible

Most operating systems and software today come with an “auto-update” feature. Where available, enable this setting to ensure you always have the latest security updates installed. These updates will help protect you from vulnerabilities and other potential cyber threats. By allowing the program to apply updates automatically, you’ll be able to spend more time using your computer and less time installing security patches.

5. Share with caution

Going on a trip? Whether you’re traveling for business or pleasure, be careful what you share online using social media. Letting others know (via Instagram, Twitter, or Facebook, for example) when you’ll be away from home makes you an easy target for home robbery or other crimes. Wait to share those vacation photos when you return.

6. Beware of suspicious emails

No, that Ethiopian prince is not really trying to bequeath you a million dollars. Apart from clearly fake emails, it’s important to know the signs of a phishing scam so you can avoid falling victim. Phishing is the act of using false or misleading email content to drive the recipient (that’s you) to take action. Phishing emails might ask you to download a file, enter sensitive credentials onto a malicious/monitored website, or send money directly. Sometimes cybercriminals using phishing emails will pose as your bank, the government, or some other trusted entity to get you to act. In almost every case, the suspicious email will have a sense of urgency, encouraging you to take action immediately.

Looking for these things can help you avoid falling victim to a phishing scam:

  • An unfamiliar sender
  • Content with a sense of urgency
  • Content asking for personal information or credentials
  • Hover over the link in the email to see where it really goes; if the two links don’t match, it might be a phishing email

7. Use strong, unique passwords

Every account you manage should use a unique (different) password. Never use the same password across accounts – you run the risk of one account becoming compromised and putting the security of your other accounts in danger.

Additionally, you should use strong passwords to help protect your accounts and data. A strong password contains numbers, letters, and may include special characters. Make sure your password is hard to guess. Keep in mind that some cybercriminals use a “dictionary attack” to guess passwords using common words. Here’s an example to help you harden your passwords:

WEAK: ilovemycat1

BETTER: 1L0V3MYC@T123

BEST: !L0V3MYC@+123

8. Lock down your router

All routers are given a default ID known as a service set identifier (SSID). Follow the guidance of CIS Control 11 and be sure to change the name of your router as soon as you get it. Try to think of something fun and unique (while avoiding using your name) that others will not easily identify. While you’re at it, create a guest network that folks can connect to. It’ll make them happy when they visit and will help keep your home network secure.

If routers come with a default ID that also means they come with a preset password. This will leave you vulnerable and makes it easier for a hacker to access your home network. Use the password tips above and create a new router password.

There you have it – eight tips to help you secure your home network and avoid becoming the next victim of cybercrime. Check out our CIS Controls Telework and Small Office Network Security Guide to ensure your network devices are configured properly.