Category Archives: Cybersecurity

Free photos of Computer

Home Security: Why You Should Put IoT Devices on a Guest Wi-Fi Network

The number of internet-connected devices in homes has been growing. It’s increased exponentially over the last decade. A typical home now has 10.37 devices connected to the internet. PCs and mobile devices make up a little over half of those and the rest are IoT devices.

IoT stands for Internet of Things. It means any other type of “smart device” that connects online. IoT devices in a home can be everything from your streaming stick to your smart refrigerator. Smart baby monitors and Alexa voice assistants are also IoT.

There’s also been another change that has happened over the last couple of years. It has been the increase in remote and hybrid work. The pandemic caused a major shift in where we work, turning the standard office paradigm on its head.

Now, working remotely has become the norm for many companies around the world. This has put increased scrutiny on the security of all those IoT devices. They are now sharing a Wi-Fi network with business data and devices.

Here are two alarming statistics that illustrate the issue with IoT security:

  • During the first six months of 2021, the number of IoT cyberattacks was up by 135% over the prior year.
  • It’s estimated that over 25% of cyberattacks against businesses involve IoT devices

Hackers Use IoT Devices to Get to Computers & Smartphones

Smart devices are a risk to any other device on a network. They are typically easier to breach. So, hackers will use them as a gateway into more sensitive devices.

A criminal may not care about the shopping list stored in your smart refrigerator. But they’ll breach that IoT device to see what other devices are on the same network.

The hacker can then use sharing and permissions that are often present on home networks. Through these, they gain access to your work computer or mobile device. These devices hold important data, and access to personal details.

Why are IoT devices less secure than computers and smartphones? Here are a few reasons:

  • They usually won’t have antivirus or anti-malware capabilities
  • Users often don’t update IoT devices regularly
  • They have basic interfaces which can hide a breach of the device
  • People often don’t change the default device username and password.
  • Sharing settings on IoT devices makes them easier to hack

Improve Security by Putting IoT on a Separate Wi-Fi Network

Just about all modern routers will have the ability to set up a second Wi-Fi network, called a “guest network.” This shows up when you connect to Wi-Fi as a separate Wi-Fi that a device can use to get online.

Separate Wi-Fi

By putting all your IoT devices on a separate network you improve security. You cut that bridge that hackers use to go from an IoT device to another device on the same network. Such as those that hold sensitive information (computers and mobile devices).

In fact, when you separate those two (IoT devices and sensitive-info devices) a hacker can’t see all. If they breach one of your smart devices, they can’t tell you have a PC or smartphone. This is because they’re on the other network.

This is an important layer of security to use. Whether you’re a remote worker or use your computer for home budgeting and banking, it can help. All PCs and smartphones usually contain access to online banking or personal information.

Here are the steps to take to separate your IoT devices. (Note, you can also have this done by us, we’ll be happy to handle all these steps for you.)

  • Step 1: Log into your router settings.
  • Step 2: Look for an area that allows you to set up a guest network. This will be different for each router, so you may need to access a help guide online.
  • Step 3: Set up the guest network according to the router prompts. Make sure to use a strong password.
  • Step 4: Edit the password for your existing network. This keeps IoT devices from automatically reconnecting to it.
  • Step 5: Connect all IoT devices in your home to the new guest network.
  • Step 6: Reconnect your sensitive devices (computers, smartphones) to the preexisting network. Use the new password.

As you add any new devices to your home network, make sure to connect them to the appropriate network. This keeps the layer of security effective.

One more tip: When naming your Wi-Fi networks, don’t use descriptive names. This includes things like “IoT network” or your name, address, or router model name.

It’s best to use names that won’t give the hackers valuable information they can use in attacks.

Need Help Upgrading Your Home Cybersecurity?

With so many remote workers, hackers have begun targeting home networks. They know they can contain sensitive business as well as personal data. Don’t leave yourself open to a breach. Schedule a home internet security review today!


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.

Registration, Log In, Keyboard, Hand, Write

Which Form of MFA Is the Most Secure? Which Is the Most Convenient?

Credential theft is now at an all-time high and is responsible for more data breaches than any other type of attack.

With data and business processes now largely cloud-based, a user’s password is the quickest and easiest way to conduct many different types of dangerous activities.

Being logged in as a user (especially if they have admin privileges) can allow a criminal to send out phishing emails from your company account to your staff and customers. The hacker can also infect your cloud data with ransomware and demand thousands of dollars to give it back.

How do you protect your online accounts, data, and business operations? One of the best ways is with multi-factor authentication (MFA).

It provides a significant barrier to cybercriminals even if they have a legitimate user credential to log in. This is because they most likely will not have access to the device that receives the MFA code required to complete the authentication process.

What Are the Three Main Methods of MFA?

When you implement multi-factor authentication at your business, it’s important to compare the three main methods of MFA and not just assume all methods are the same. There are key differences that make some more secure than others and some more convenient.

Let’s take a look at what these three methods are:

SMS-based

The form of MFA that people are most familiar with is SMS-based. This one uses text messaging to authenticate the user.

The user will typically enter their mobile number when setting up MFA. Then, whenever they log into their account, they will receive a text message with a time-sensitive code that must be entered. 

On-device Prompt in an App

Another type of multi-factor authentication will use a special app to push through the code. The user still generates the MFA code at login, but rather than receiving the code via SMS, it’s received through the app.

This is usually done via a push notification, and it can be used with a mobile app or desktop app in many cases.

Security Key

The third key method of MFA involves using a separate security key that you can insert into a PC or mobile device to authenticate the login. The key itself is purchased at the time the MFA solution is set up and will be the thing that receives the authentication code and implements it automatically.

The MFA security key is typically smaller than a traditional thumb drive and must be carried by the user to authenticate when they log into a system.

Now, let’s look at the differences between these three methods.

Most Convenient Form of MFA?

Users can often feel that MFA is slowing them down. This can be worse if they need to learn a new app or try to remember a tiny security key (what if they lose that key?).

This user inconvenience can cause companies to leave their cloud accounts less protected by not using multi-factor authentication.

If you face user pushback and are looking for the most convenient form of MFA, it would be the SMS-based MFA.

Most people are already used to getting text messages on their phones so there is no new interface to learn and no app to install.

Most Secure Form of MFA?

If your company handles sensitive data in a cloud platform, such as your online accounting solution, then it may be in your best interest to go for security.

The most secure form of MFA is the security key.

The security key, being a separate device altogether, won’t leave your accounts unprotected in the event of a mobile phone being lost or stolen. Both the SMS-based and app-based versions would leave your accounts at risk in this scenario.

The SMS-based is actually the least secure because there is malware out there now that can clone a SIM card, which would allow a hacker to get those MFA text messages.

A Google study looked at the effectiveness of these three methods of MFA at blocking three different types of attacks. The security key was the most secure overall.

Percentage of attacks blocked:

  • SMS-based: between 76 – 100% 
  • On-device app prompt: between 90 – 100%
  • Security key: 100% for all three attack types

What’s in Between?

So, where does the app with an on-device prompt fit in? Right in between the other two MFA methods.

Using an MFA application that delivers the code via push notification is more secure than the SMS-based MFA. It’s also more convenient than needing to carry around a separate security key that could quickly become lost or misplaced.

Looking for Help Setting Up MFA at Your Company?

Multi-factor authentication is a “must-have” solution in today’s threat climate. Let’s discuss your barrier points and come up with a solution together to keep your cloud environment better secured.


Featured Image Credit

This Article has been Republished with Permission from The Technology Press.