Reading Room

Home & Small Office

Featuring 47 Papers as of March 10, 2021

  • Remote Workforce Impact on Threat Defenses Graduate Student Research
    by Sean Goodwin - March 10, 2021 

    As organizations embrace remote work, the defensive security posture needs to be re-examined to effectively address threats while facing new or different constraints and tools. This paper investigates the prevention and detection control effectiveness against the known adversary Tactics, Techniques, and Procedures (TTPs) documented within the MITRE ATT&CK® taxonomy in a remote working (work from home, WFH) environment.

  • Making and Keeping Work-at-Home Operations Safe and Productive Analyst Paper (requires membership in community)
    by John Pescatore - July 8, 2020 

    Workforce mobility, endpoint security and data protection risks have amplified since the COVID-19 pandemic. Organizations have had to address a variety of remote worker challenges including security teams working from home (WFH). While secure remote access capacity and cloud usage for business continuity have accelerated, businesses are now realizing productivity and operational advantages -- projecting a shift towards increased remote workplace flexibility and permanence.

  • Defense in Depth for a Small Office/Home Office Graduate Student Research
    by Gregory Melton - December 18, 2019 

    Much attention is given to enterprise security with expensive solutions and teams of both IT and security personnel, but the home office may only ever be proactively defended by a single amateur or hobbyist. Large scale corporate solutions may deal with Advanced Persistent Threats (APTs) and corporate espionage, but there are far fewer solutions to home office threats. This paper focuses on best practices for a home network running minimal servers to protect from casual browsing and careless home users. This research intends to demonstrate meaningful defense of endpoints in a local network by drastically reducing potential communication to C2 nodes and data exfiltration with proper filtering and minimal extra hardware.

  • A Swipe and a Tap: Does Marketing Easier 2FA Increase Adoption? Graduate Student Research
    by Preston Ackerman - November 19, 2018 

    Data breaches and Internet-enabled fraud remain a costly and troubling issue for businesses and home end-users alike. Two-factor authentication (2FA) has long held promise as one of the most viable solutions that enables ordinary users to implement extraordinary protection. A security industry push for widespread 2FA availability has resulted in the service being offered free of charge on most major platforms; however, user adoption remains low. A previous study (Ackerman, 2017) indicated that awareness videos can influence user behavior by providing a clear message which outlines personal risks, offers a mitigation strategy, and demonstrates the ease of implementing the mitigating measure. Building on that previous work, this study, focused on younger millennials between 21 and 26 years of age, seeks to reveal additional insights by designing experiments around the following key questions: 1) Does including a real-time implementation demonstration increase user adoption? 2) Does marketing the convenient push notification form of 2FA, rather than the popular SMS text method, increase user adoption? To address these questions, a two-phase study exposed groups of users to different video messages advocating use of 2FA. Each phase of the survey collected data measuring self-efficacy, fear, response costs and efficacy, perceived threat vulnerability and severity, and behavioral intent. The second phase also collected survey data regarding actual 2FA adoption. The insights derived from subsequent analysis could be applicable not just to increasing 2FA adoption but to security awareness programs more generally.

  • Cyber Defense Challenges from the Small and Medium-Sized Business Perspective Graduate Student Research
    by Aric Asti - November 17, 2017 

    With 5.7 million SMBs in the United States, it is essential that the risks involving cybersecurity events are identified. Small and medium-sized businesses (SMBs) face different challenges than large enterprises in regard to cybersecurity. The goal of this project was to survey SMBs and reveal organizational barriers that impact the cybersecurity posture of SMBs. An online survey was administered with a final sample size of 22 SMBs. Significant results showed that the top challenges were finances to pay talent, regulatory compliance and professionally available talent. As a result of inadequate information technology (IT) and cybersecurity staffing, 64% of respondents were unaware if a successful cyber-attack had taken place. The significant challenge SMBs face is their security posture and knowing if they have been or are being targeted against a cyber-attack. The main objective of this project was to show the security profile of the typical SMB. Educational, software and hardware tools should be promoted to increase the security posture of SMBs. Further research might focus more on the staffing and dedicated hours of IT and cybersecurity employees.

  • Securing the Home IoT Network Graduate Student Research
    by Manuel Leos Rivas - April 5, 2017 

    The Internet of Things (IoT) has proven its ability to cause massive service disruption because of the lack of security in many devices. The vulnerabilities that allow those denial of service attacks are often caused by poor or no security practices when developing or installing the products. The common home network is not designed to protect against the design errors in IoT devices that expose the privacy of the users. The affordable price of single board computers (SBC) and their small power requirements and customization capabilities can help improve the protection of the home IoT network. SBC can also add powerful features such as auditing, inspection, authentication, and authorization to improve controls pertaining to who and what can have access. Implementing a home-control gateway, when properly configured, reduces some common risks associated with IoT such as vendor-embedded backdoors and default credentials. Having an open source trusted device with a configuration shared and audited by many experts can reduce many of the bugs and misconfigurations introduced by vendor security program deficiencies.

  • Shoestring Virtualization - Reducing the Risk to Small Business Data from Compromised Remote Networks Graduate Student Research
    by Christopher Jarko - October 14, 2015 

    Many organizations with significant amounts of data worth protecting also have robust security awareness programs and clear, detailed security policies. When employees from these companies remote in from an infected network, what happens then? A user can be fully compliant with all organizational policies and procedures and be up to date on all security awareness training, but the networks used to remotely access corporate data are populated by users beyond the scope of organizational policy. The use of Virtual Private Networks (VPNs) to remotely access organizational networks has become commonplace, but this may not be enough. This paper will examine different technical approaches to mitigate the problem. Companies can restrict remote access to company-issued hardware, which has benefits but also carries significant costs. Another option is to provide enterprise virtual desktop infrastructure, but this is cost-prohibitive for many small businesses. Local desktop virtualization provides the best solution. Using software such as VMware Player and a custom-built, restricted image provides the company full control of the desktop environment and can restrict data storage to company-controlled servers.

  • Protecting Home Devices from Malicious or Blacklisted Websites Graduate Student Research
    by Sumesh Shivdas - August 10, 2015 

    The majority of the devices on a home network have unrestricted outbound connectivity to the Internet (Barcena & Wueest, 2015). Other than the use of “opendns”, which only provides some protection against phishing, fraud and limited blacklisting, a homeowner’s options are limited. To provide protection from known malicious sites and produce DNS query logs for further detailed analysis, a simple virtual machine set up with DNS is proposed. When coupled with “opendns”, unlimited blacklisting capability and automatic updates to block malicious sites from all devices are provided. The solution also provides the capability to analyze all the DNS logs using a log-based Intrusion Detection System like OSSEC.

  • SOHO Remote Access VPN. Easy as Pie, Raspberry Pi... Graduate Student Research
    by Eric Jodoin - December 4, 2013 

    Free, unencrypted Wireless Access Points (WAPs) have proliferated and are now found in various locations including restaurants, libraries, schools, hotels, airports, etc.

  • Protecting Small Business Banking by Susan Bradley - July 22, 2013 

    Over the last several years, the use of online banking and other financial transactions has risen dramatically.

  • Small Business: The New Target What can they Do? Graduate Student Research
    by Robert Comella - July 5, 2012 

    When many think of IT security they think about what they see in movies and on TV.

  • A Small Business No Budget Implementation of the SANS 20 Security Controls by Russell Eubanks - August 31, 2011 

    The SANS 20 Security Controls were developed in 2009 to help businesses large and small embrace a framework that would promote continuous monitoring and increase network awareness (SANS, 2011).

  • A Virtually Secure Browser by Seth Misenar - June 16, 2009 

    This paper will discuss an increasingly important aspect of information security, the web browser. Sandboxing and application virtualization will be discussed.

  • Design Secure Network Segmentation Approach by Ibrahim Al-Ateeq - October 5, 2005 

    In this document I will discuss some issues related to security on the network and how to design a secure network. We will look at network segmentation and how it will help us to identify the network topology.

  • Case Study: Home Network Redesign by Nate Wilson - October 5, 2005 

    My goal with this practical is to take a fresh look at my network to make it secure, while maintaining functionality, and to do so for as little money as possible.

  • Web Browser Insecurity by Paul Asadoorian - June 2, 2005 

    There has been much debate lately between two different browsers, namely Microsoft's Internet Explorer and the Mozilla Project's Firefox web browser. Security is in the center of this debate, accompanied by features and usability.

  • Free Tools and Tips to Help Secure Your Home PC by John Hochevar - January 17, 2005 

    This paper will emphasize free software alternatives to combat viruses/Trojans, protect against spyware, provide safe Internet browsing, prevent computer intrusions, and eliminate pop-ups. The software will all be for the Windows OS platform, concentrating on users with Windows XP SP1 and SP2. Each category will discuss the inherent risks and include a few pieces of free software that can help mitigate risks.

  • Kids Online Safety Guide 101 by Hari Pendyala - July 25, 2004 

    This research paper will present ways to protect children against the dangers of the Internet by using "Defense-in-Depth" principle.

  • Why me? Minimizing your Internet Exposure by Kevin Wagner - July 25, 2004 

    As the Internet community becomes more skilled in their use of attack tools, we are seeing an increase in the number and severity of Internet attacks. Internet neophytes and professionals alike are asking the same question "There are hundreds of thousands of computers on the Internet, why was my computer attacked?"

  • Designing And Implementing An Effective Information Security Program: Protecting The Data Assets Of Individuals, Small And Large Businesses by Lee Kadel - June 9, 2004 

    Attacks against computers, in both home and business environments, have grown steadily over the past several years.

  • Budget File and System Integrity Verification for Windows by Ditmar DenEngelsen - June 8, 2004 

    Home users need an additional level of protection because the threats have increased, and file and system integrity verification is able to provide this.

  • Protection of Customer Data For Home Business by David Davila - August 14, 2003 

    This report offers advice for those starting a small home business needing to protect customer data from physical or electronic misuse.

  • Home Computer Security Patch Options For Corporate Security Managers. by Timothy Rice - August 14, 2003 

    This paper provides a discussion on residential users who connect to a corporate LAN via a Virtual Private Network (VPN) tunnel over a residential broadband Internet connection.

  • Defence in Depth on the Home Front by Thomas Harbour - May 12, 2003 

    This paper sets out a defense in depth approach to meet the security needs of the Windows-based home Internet user while maintaining usability.

  • The Consumer Desktop - The Weak Link in Internet Security and Why ISP's Are Uniquely Positio by John Clark - March 11, 2003 

    This paper demonstrates why consumer desktops are particularly vulnerable to compromise, what options are available today to protect the consumer desktop and why Internet Service Providers (ISP's) are particularly well positioned to improve the security of consumer desktops.

  • Defense in Depth and the Home User: Securing the Home PC by Shauna Munson - March 7, 2003 

    This paper's purpose is to make the home computer user aware of the risks of using an unsecured computer, and to provide a guide in how to secure the home computer by applying various layers of defense to their system.

  • SOHO Firewall Savvy by Maureen Lamb - March 6, 2003 

    This paper will attempt to provide some guidelines for choosing, installing and configuring a firewall for a small office.

  • ZoneAlarm - A Free Solution for Home Security by Curtis Elliott - October 1, 2002 

    This paper provides an in-depth look at ZoneAlarm, a powerful and easy-to-use, free personal firewall that is designed to guard a home user's PC against the threat of hackers and data thieves.

  • Creating a Stable and Secure Connection from a Remote Website to the Inside of a Network by Tom Williams - June 17, 2002 

    This paper will examine the best way to grant remote access to the network of a very small business for employees who are out of the office on the road.

  • Multi-Layered Approach to Small Office Networking by David Taylor - March 25, 2002 

    This paper will address several areas that small business owners should consider as they deploy and grow their office network.

  • Homeland Security Starts at Home - Security for the Home Computer User by Michelle Johnston - March 25, 2002 

    This paper will give you an introduction to the topic of home security and outline what steps you need to take to start securing your home computer.

  • Sniffing A Cable Modem Network: Possible or Myth? by Dexter Lindstrom - March 5, 2002 

    This paper focuses primarily on the threat of malicious users sniffing on a cable modem network.

  • Understanding & Securing Home Windows Networks by Todd Grigsby - January 23, 2002 

    My goal in this paper is to provide an understanding of today's Internet Service Provider (ISP) offerings and methods by which you can secure your home Microsoft Windows networking environment as effectively as possible.

  • Getting the Most Security out of the Linksys Cable/DSL Router by Earl Charnick - November 30, 2001 

    This paper provides configuration and setup instructions for installing the Linksys® EtherFast Cable/DSL Router.

  • Responsibilities of the "Small Shop" in a Post 11 Sept World by Forrest Houston - November 27, 2001 

    This paper provides some direction for crafting an improved security program.

  • A 6 - Layer Defense for an IT Professional's Home Network by Daniel Crider - November 22, 2001 

    Penetrating an I.T. professional's home system is even more desirable in the eyes of most hackers.

  • Security Problems for Small Companies by Jeremy Klomp - November 6, 2001 

    This paper discusses the merits of implementing up front security measures and establishing guidelines and policies to deal with security issues as they arise.

  • Best Computer Security Practices for Home, Home Office, Small Business, and Telecommuters by Jon Willert - October 22, 2001 

    In this paper, the author recommends utilizing a multi-layered defense security approach to secure home, home office, small office, and telecommuter computers.

  • Addressing and Implementing Computer Security for a Small Branch Office by Patria Leath - October 10, 2001 

    This paper will address the security issues faced by a small office accommodating staff reporting to the main location and visitors requiring "computer access".

  • More Secure at home Using Linux by Hans Lie - September 15, 2001 

    In this paper, the author describes his personal experience of implementing defensive security measures on his home computer network consisting of a mixed platform.

  • Home User's PC Security: Threats To Windows Users and Countermeasures To Defend Against These Threats by Roziah Kassim - September 13, 2001 

    The objective of this paper is to alert home users of the growing number of threats to home PCs and to provide proper countermeasures against these threats.

  • Securing the Broadband Network by Sushilkumar Nahar - August 9, 2001 

    This paper addresses combining broadband access technologies with integrated security solutions, so enterprises and service providers can safely and securely capitalize on all of the benefits of the broadband Internet.

  • Building a Secure Home Network by Kim Thomas - July 26, 2001 

    This paper discusses the implementation of a multi-layered secure home network including virus protection, firewalls, sensitive data, backups, encryption, and safe-surfing on the Internet.

  • Layers of Defense for the Small Office and Home Network by Derek Krein - July 24, 2001 

    This paper addresses the best means of protecting a small office or home network user's systems from malicious activity, called a multi-layered defensive approach.

  • Filtering Routers in a Small Office/Home Office with a Mixed OS Environment by Ricky Smith - July 23, 2001 

    In this paper the author explores one layer of a multi-layered defense of the internal network of a SOHO user, and how to configure the packet filtering capability of a cable or digital subscriber line (DSL) router for a mixed OS network. This paper is an extension of the work of Rick Thompson [1] and Patrick Harris [2].

  • The Importance of Social Engineering for the Home Internet User by Ron Dean - July 16, 2001 

    This paper discusses the necessity for educating home Internet users, recommending several areas of improvement that will help home users understand the need for securing their systems.

  • My Home Setup by John Lutheran - July 2, 2001 

    The author of this paper shares several changes to his home computer configuration after attending a SANS five day training course on security.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact

All papers are copyrighted. No re-posting or distribution of papers is permitted. Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.