Secure your home network--and every device attached to it--in 3 simple steps

In 2014, companies announced nearly a breach every day, exposing an average of 1.1. million identities per breach.

For consumers, the news appears grim. From ads on major websites infecting consumers' systems to ransomware that can hold data hostage, criminals continue to successfully steal money and data from half a world away. If companies can't protect themselves from the bad guys, what chance do individual users have? Even the police are falling prey to criminals.

In reality, consumers have a better chance than most companies. Yes, home users are overwhelmingly targets of opportunity, but they can protect themselves by making their systems harder to compromise and looking out for signs of infections.

"You can't just pack it up and give in, even though that may seem to be a reasonable approach," says Mark Nunnikhoven, senior research scientist with OpenDNS. "You need to take reasonable steps to protect yourself."

You might also be interested in reading our comprehensive review of Bitdefender's Box.

For years, security professionals have tried to erect impenetrable digital walls, but that strategy has largely failed. Instead, the latest philosophy focuses on throwing up multiple hurdles in front of attackers and improving awareness--spotting attacks before they can do damage.

For consumers, these techniques boil down to three simple strategies.

1. Don't leave a device vulnerable

With the average person carrying three devices--a smartphone, a tablet, and a desktop or laptop--keeping track of whether all those devices have downloaded the latest updates is a chore. Multiply the workload by the number of family members and keeping up with updates can be an enormous and ongoing project.

A few security services can help the family administrator manage the problems. For Windows users, Secunia's Personal Software Inspector, a free service, checks all third-party software for updates and gives instructions on how to update. For hybrid households, OPSWAT Gears, a free service for less than 25 devices, makes sure that each PC and Mac passes a number of security checks, such as whether it has antivirus, a firewall, and an encrypted hard drive.

"We get you a score for compliance and then we give you the tools to improve your score, either based on systems configuration or third-party applications," says OPSWAT CEO Benny Czarny.

In addition, most major security software makers have made managing multiple devices much easier, albeit for a fee.

2. Monitor your network's traffic

Once your systems are locked down, the next step is to monitor the network for potentially bad traffic. To compromise your computers, attackers must communicate with your network, and that leaves traces.

One option: Look at the logs captured by the network router. More advanced routers--including many high-end consumer models and most models designed for small-business use, have options for logging or even for archiving of logs in the cloud. Another option is use a cloud service, such as OpenDNS, which collects all the domain requests generated by your users, blocking communications to suspect servers and websites and allowing family administrators to filter inappropriate traffic.

"You want to have more visibility into what is going on in your network," says OpenDNS's Nunnikhoven. "That means that you can look at each one of those devices in turn or you can try to go up a level and look at the overall network visibility."

3. Check outbound traffic

Finally, having a firewall turned on and protecting your computer from outside threats is a no-brainer. But for consumers who want more protection, an outbound firewall--such as Little Snitch for Mac OS X and GlassWire on Windows--can alert them to potentially malicious applications trying to connect out to the Internet.

Outbound firewalls, on the other hand, have a somewhat noisome learning curve. Every time an application attempts to communicate with the Internet, the user must allow or deny the request. The firewall will remember the answers for the future, but it generally takes a few days to get to a point where the firewall is not inundating the user with alerts.

Still, the effort can pay off, says Nunnikhoven.

"There is no magic bullet for security," he says. "But with a few relatively low-cost tools, you can create a good layered defense."

Join the CSO newsletter!

Error: Please check your email address.

Tags OpenDNSsecurity

More about Secunia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Robert Lemos

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts