cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Protecting your Home network

Hi All

 

Some sage advice from the NSA was released today:  Best practices for securing your home network:

 

https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/3304674/nsa-releases-best-practices-f...

 

Regards

 

Caute_Cautim

 

 

7 Replies
JoePete
Advocate I

Some pretty good tips from the NSA. One piece I wish the NSA would add is "reduce your footprint." Every home device is a potential vector of attack as is every app added to a phone. These are conversations I have in my house every day; I understand how difficult it can be to get people to think before they download. Keep it simple, keep it safe.

ericgeater
Community Champion

Someone from SANS was complaining that the document was too technical.  I suppose that's not a surprise, coming from an agency who thinks they winnowed the Special Publications into a "Top 20"

--
"A claim is as good as its veracity."
dcontesti
Community Champion

@ericgeater   I tend to agree with SANS.  If one reads this as a "techie" or "Security person", it is very straight forward.

 

However, if one puts on their, "I am just a joe user hat", a number of the topics become too technical.  If NSA used this as a basis to train folk, it would be ideal but when I talk to Seniors (my new task in life), MANY do not understand WPA 3 or 2 and their eyes gloss over.

 

Great information for those putting together a security awareness program for home users.

 

d

 

denbesten
Community Champion


@dcontesti wrote:

 

... if one puts on their, "I am just a joe user hat", a number of the topics become too technical....

I agree. We really need to be treating home networks and smart phones like the consumer devices they are.   Like any other consumer products, we really should be developing the products to the point where we have have just two recommendations:  Buy products with a good reputation and keep an eye on the "check engine/service soon" light.

 

"Best practices" documents, like this one are best geared to the professionals and should be used by manufacturers to implement "secure by default".

 

Also, we really ought to be holding manufacturer's responsible for providing "security/safety updates" for the advertised/expected life of their product, just like we do for vehicles and air fryers.

 

 

denbesten
Community Champion


@JoePete wrote:

 I understand how difficult it can be to get people to think before they download. Keep it simple, keep it safe.

I often refer people to Kreb's 3 rules as a way of explaining this.

JoePete
Advocate I


@denbesten wrote:
I often refer people to Kreb's 3 rules as a way of explaining this.

Excellent. I never saw those before. Especially in the context of trying to deliver "non-tech" or "low-tech" advice, I think this hits the mark. I think there remains a huge deficit in elementary and junior high education. As I say, by the time we professionals see these "kids" in the work place, they have a good 8-12 years of tech habits. I know the Center for Cyber Safety and Education had its efforts, but there is a real need for a full curriculum. Maybe other folks have had better experience, but if we are serious about workplace and home security (and there's not much difference between those two these days), the message needs to get into the schools.

Vikingo
Viewer

These are some great piece of advise. but as mentioned by other previously it can quickly become to technical.

I started to have great experience using ChatGPT to explain basic network concepts for my documentation to higher ups.

A perfect use case for this is, to simply just ask "Explain XYZ to me as I am 10 years old"

best way to get the executives onboard and have a better understanding before making decisions.