Digital Forensics & Incident Response Strategic Services Advanced Testing Services Managed Security Services
May 19, 2020
Keep Your Family Cybersecure

In this time of uncertainty and doubt we should be taking extra steps to ensure our family members are practicing safe Internet security practices.

There has been a marked increase in online cyber security attacks over the past several months. Most are aimed at individuals that are often times working remotely or from a home office. Individuals are easier targets when they are not in their usually corporate office space.

Working remotely creates some specific disadvantages regarding endpoint and data protection. Here are a few recommendations you can apply to reduce online security risks for you, your family and your organization’s intellectual property.

1. Back to Basics

Set aside time to discuss your family’s online behavior.  Remind them of the following online best practices:

  • Do not to open any emails they weren’t already expecting to get
  • Do not click on any links that look strange or out of the ordinary
  • Consider changing your passwords if it’s been more than 90 days
  • Review the list of services you have accounts with and consider cancelling them if no longer needed
  • Be wary of emails that were forwarded to you from a known contact that don’t look right or if it isn’t something they would normally send
  • When browsing the Internet, look for the security padlock. Usually located on the left-hand side of your browser’s address window.
  • Tells kids and the senior members of your family to practice a “zero-trust” approach. This means they should scrutinize every online transaction, email and website. If it doesn’t feel right, then they should either ignore it, delete or tell someone about it.

2. Endpoint Security

We would highly encourage you to purchase or enable existing security software designed to protect your laptop, desktop and mobile devices. Now more than ever, we should all make sure we don’t introduce potential malware, viruses, etc. onto our home and corporate owned PC’s.

If you are one of the lucky ones to own a corporate owned and maintained device, make sure you are getting all of the same updates and levels of security protection while working remotely.

If you own your own device(s) make sure you have up-to-date virus protection software that provides email, Internet and local file protection. Check to see if the subscription on your endpoint security application has expired.

3. Google yourself

If you’ve never done it, you should take a few minutes to perform a few simple checks about your own online identity(s). Most people have more than 1 email address. Most people also have more than 10 online subscriptions. In a perfect world you would use separate login ID’s and passwords for all of the online services that you subscribe to. Unfortunately, this is typically not the case. Most of us are guilty of re-using the same login ID and password combination over and over. If this sounds familiar, you may want to run a few self-diagnostics on your identities. Start with the simple email account check to see if any of the services you use have been breached.

Have I Been Pwned: https://haveibeenpwned.com/

If you get some bad news, you may want to re-read item #1 above (Back to Basics)

4. Knowledge is Power

Read up on current threats. Find local resources to help you. In my resident state of Michigan, experts will come out to schools or local community groups to educate students and parents on cybersecurity risks and challenges. You don’t need to be a security expert to know there are many more online threats today than ever before. Educating yourself is one of the best things you can do. Here are a few good sites to visit for insightful information regarding the current threat landscape on the Internet.

https://cbisecure.com/insights/

https://krebsonsecurity.com/

https://www.darkreading.com/attacks-breaches.asp

https://threatpost.com/

https://www.cnet.com/topics/security/

https://www.securityweek.com/

5. Be a watchful parent

In most cases, kids understand today’s technologies better than their parents. They are growing up fast, and they know how to get around controls. At the same time, understand that bad actors have infiltrated social media and apps, even those – especially those – that cater to minors. They are master manipulators, and they are everywhere.

Unfortunately we are all a bit more sheltered than we would like so we all need to become experts on mobile devices. Both Apple and Android phones have some great resources that you can use yourself to ensure you and your family are as secure as possible when using mobile devices.

https://support.apple.com/en-us/HT201304

https://www.howtogeek.com/366653/how-to-make-android-as-secure-as-possible/

https://www.pcworld.com/article/3332211/secure-android-phone.html

Learn how to put the right settings in place. Turn off all adult content. For younger children, only allow text. No more Snapchat – you can hide anything. Get extra controls from applications such as Bark or SaferKid.

6. Know your own network

More of us are working from our home offices than ever before. A large portion of home networks are very simple. If you’re like most people you have a “box” somewhere in the house that magically connects you and your family to the Internet. Some of the more sophisticated users will have separate routers, firewalls and switches throughout the house. In any case, you cannot afford to overlook the security holes that may already be present.  Take time to perform some of the following basic maintenance tasks:

  • Go to the manufacturers’ websites for all Internet connected equipment throughout the house and update its software or firmware. It’s easy, free and impacts security in a very positive way.
  • If you have a separate wireless router and firewall take time to go through the administrative setup of the device(s) and read the recommended security settings. Most modern wireless devices have easy to understand setup instructions.
  • If it’s been a while you may want to consider changing the administrative passwords on the Internet connected devices in your home. Don’t forget video surveillance cameras. Most people install the device without changing the default password. These passwords are well known and could potentially provide an easy path for unwanted and unauthorized access to your home network.

7. Speaking of Cameras

Consider putting a physical block in front of the camera lens. Adapters and even some masking tape can do the trick. Be selective on which applications you allow to access to your computers’ microphones or your cameras.

8. Clean house

Do a thorough review of your laptop, desktop and phone and get rid of anything you aren’t currently using.  Bad actors can find their way into apps you are not actively using or monitoring.

9. Use apps that allow you to monitor their social contact

Many apps exist that allow you to forward all your kids’ texts to you, or to see across all their social media. This is extremely helpful to detect bullying, inappropriate sexual contact or other dangerous situations, or manipulative cyber behavior that your kids may not yet recognize or have not told you about.

These apps allow you to limit, restrict or block access to certain apps, contacts, texts, calls or ads. Many of these apps also have location controls so you always know where your kids are. Here are some examples:

Bark https://www.bark.us/

SaferKid https://www.saferkid.com/

mSpy https://www.mspy.com/

Teen Safe https://teensafe.com/

Kidgy Parental Control App https://kidgy.com/

10. Talk to your kids

To protect our kids from the darker truths, it is important to educate them to recognize danger and know what to do if they face scary situations.

Educate your kids on what is appropriate and what is not, and why. People can abuse children remotely. Explain to your kids what can happen. Pedophiles are manipulative; it’s up to you as parents to learn about these threats and put your kids in the safest position possible.

We have an article for your kids to read, to help them understand what they need to look for and how to keep their devices safe when online.

About the Author
CBI Dan Gregory
Dan Gregory
VP | Systems Engineering
Dan has more than 15 years of field experience in performing regulatory compliance controls assessments and policy review. Dan has extensive experience in development and internal process audits with a focus on the financial, healthcare, manufacturing, and retail industries. Dan has performed countless controls assessments and efficiently deploys solution-based integrations designed to protect critical infrastructure, data, brand confidence, and reputation.
I Need To...
S
Safeguard my data and my brand
Solutions
E
Envision my cybersecurity program
Digital Forensics & Incident Response
C
Comply with regulations
Strategic Services
U
Uncover what I have
Advanced Testing Services
R
Run my cybersecurity operations
Managed Security Services
E
Elevate my business
Why CBi