Skip to main content
SANS Security Awareness

Utility nav

  • GDPR
  • Support
  • SANS.org
  • Contact
  • Request Demo

Main navigation

  • Products
    • Products Overview Column
      • Products

        Build and mature your security awareness program with comprehensive training for everyone in your organization.

        View Products
    • Security Training Solutions
      • EndUser Training

        Security Awareness training designed by experts.

      • Phishing Tools

        Tiered-template phishing simulation tool designed for all learners.

    • Products - Training Span
      • ICS Training

        Train all learners involved with Industrial Control Systems. 

      • NERC CIP Training

        Relevant Critical Infrastructure Protection training meeting compliance. 

      • Developer Training

        Protect web applications with secure coding practices. 

      • Healthcare Training

        Train learners following HITECH and HIPAA standards. 

    • Events
      • Courses & Summits

        Gain key insights and practical information in security awareness program building from experts in the field with our Summits and training courses. 

      • Summit Recap

        Review top talks from the 2019 SANS Security Awareness Summit in San Diego.

  • Why SANS
  • About
    • About Overview Column
      • About

        SANS has been around as long as the Internet. Learn about our history, experts and events around the world.

        Read About SANS Awareness
    • About Column 1
      • Our Experts

        World-class experts covering every aspect of security awareness and defense.

    • About Column 2
      • History

        Read about the SANS Security Awareness legacy.  

    • About Column 3
      • News

        Check out what’s going on with SANS Security Awareness in the news.

  • Reports
  • SSAP Credential
  • Blog
  • Resources
    • Resources Overview Column
      • Resources

        Looking to build and mature your security awareness program? These resources will enable you with the topics and techniques to improve your learner’s awareness in security.

    • Resources Column 1
      • Blog

        Read from subject matter experts and guest authors about the latest going on in security awareness.

      • Events & Webcasts

        Gain key insights and practical information in security awareness program building from experts in the field with our Events & Webcasts. 

    • Resources Column 2
      • Posters

        Developed by the community for the community. Download and share these awareness posters with your organization.

    • Resources Column 3
      • OUCH! Newsletter

        The world leading security awareness newsletter. Offered in multiple languages, created by a community of experts.

Mobile Menu

June 2020 • The Monthly Security Awareness Newsletter for Everyone

Creating a Cyber Secure Home

Overview

In the past, building a home network was nothing more than installing a wireless router and several computers. Today, as so many of us are working, connecting, or learning from home, we have to pay more attention to creating a strong cyber secure home. Here are four simple steps to do just that.

Your Wireless Network

Almost every home network starts with a wireless (or Wi-Fi) network. This is what enables your devices to connect to the Internet. Most home wireless networks are controlled by your Internet router or a separate, dedicated wireless access point. They both work the same way: by broadcasting wireless signals which allow the devices in your house to connect to the Internet. This means securing your wireless network is a key part of protecting your home. We recommend the following steps to secure it.

  1. Change the default administrator password to your Internet router or wireless access point, whichever is controlling your wireless network. The administrator account is what allows you to configure the settings for your wireless network.
  2. Ensure that only devices you trust can connect to your wireless network. Do this by enabling strong security. Doing so requires a password to connect to your home network and encrypts online activities once connected.
  3. Ensure the password used to connect to your wireless network is a strong password that is different from the administrator password. Remember, your devices store passwords, so you only need to enter the password once for each device.

If you’re not sure how to do these steps, check your Internet Service Provider’s website or check the website of the vendor for your router or wireless access point.

Passwords

Use a strong, unique password for each of your devices and online accounts. The key words here are strong and unique. The longer your password the stronger it is. Try using a series of words that are easy to remember, such as sunshine-doughnuts-happy.

A unique password means using a different password for each device and online account. Use a password manager to remember all those strong passwords, which is a security program that securely stores all your passwords for you in an encrypted, virtual safe.

Additionally, enable two-step verification whenever available, especially for your online accounts. It uses your password, but also adds a second authentication step, such as a code sent to your smartphone or an app on your smartphone that generates the code for you. This is probably the most important step you can take, and it's much easier than you think.

Your Devices

The next step is knowing what devices are connected to your wireless home network and making sure all of those devices are trusted and secure. This used to be simple when you had just a computer. However, today almost anything can connect to your home network, including your smartphones, TVs, gaming consoles, baby monitors, printers, speakers, or perhaps even your car. Once you have identified all the devices on your home network, ensure that each of them is secure. The best way to do this is to change any default passwords on them and enable automatic updating wherever possible.

Backups

Sometimes, no matter how careful you are, you may be hacked. If that is the case, often the only way you can recover your personal information is to restore from a backup. Make sure you are doing regular backups of any important information and verify that you can restore from them. Most mobile devices support automatic backups to the Cloud. For most computers, you may have to purchase some type of backup software or service, which are relatively low-priced and simple to use.

Guest Editor

Randy Marchany

Randy Marchany is the CISO of Virginia Tech. He is also a Senior SANS instructor, and teaches the SEC566, SEC440, Implementing & Auditing the Critical Security Controls courses. Follow Randy @randymarchany.

Resources

Making Passwords Simple
Password Managers
Power of Updating
Got Backups?
Default Device Passwords

Translated for the Community by:   

OUCH! Is published by SANS Security Awareness and is distributed under the Creative Commons BY-NC-ND 4.0 license.  You are free to share or distribute this newsletter as long as you do not sell or modify it. Editorial Board: Walter Scrivens, Phil Hoffman, Alan Waggoner, Cheryl Conley

In This Issue

Your Wireless Network
Passwords
Your Devices
Backups

Arabic
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Arabic.pdf
Bulgarian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Bulgarian (Bulgaria).pdf
Chinese, Simplified
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Chinese (Simplified, Hong Kong S.A.R.).pdf
Chinese, Traditional (Taiwanese)
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Chinese (Traditional, Taiwan).pdf
Chinese, Traditional
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Chinese (Traditional).pdf
Danish
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Danish.pdf
Dutch
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Dutch.pdf
English
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-English.pdf
Georgian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Georgian_0.pdf
German
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-German.pdf
Hungarian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Hungarian.pdf
Indonesian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Indonesian.pdf
Japanese
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Japanese.pdf
Latvian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Latvian.pdf
Lithuanian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Lithuanian.pdf
Norwegian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Norwegian.pdf
Persian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Persian.pdf
Polish
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Polish.pdf
Portuguese
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Portuguese (Brazil).pdf
Romanian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Romanian (Romania).pdf
Russian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Russian.pdf
Serbian
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Bosnian.pdf
Spanish
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Spanish (Latin America).pdf
Swedish
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Swedish.pdf
Turkish
OUCH! June, 2020 - Creating a Cyber Secure Home_v3-Turkish (Turkey).pdf
Guest Editor
Thumbnail

Randy Marchany

CISO, Virginia Tech IT Security
Randy is the Chief Information Security Officer of Virginia Tech and the Director of Virginia Tech's IT Security Laboratory. He is a co-author of the original SANS Top 10 Internet Threats, the SANS Top 20 Internet Threats, the SANS Consensus Roadmap for Defeating DDoS Attacks, and the SANS Incident
Twitter
randymarchany

Subscribe to OUCH!, our Monthly Security Awareness Newsletter

Get monthly content to keep you up to date on the latest Security Awareness News and Tips.

The SANS Institute provides training related to cybersecurity and the safe use of technology within your organization. To provide this training, the SANS Institute captures and processes personal data and as such has been identified as a “controller” of your information.

The information provided to SANS Institute for training purposes may include name, email address, phone number(s), address, company, department, job function, industry, organizational memberships, and geographic region. The SANS Institute may also collect data about devices and software used to access the training and training systems; this data includes browser version, operating system version, IP addresses, access times, connection duration, and other browser analytics. As training is delivered, the SANS Institute processes and stores data associated with training assignments, completion, and scores on any learning activity that is delivered. SANS may also utilize third party processors to provide these services.

If your information is provided by your employer, this information is used as part of the initial or ongoing training cycle. The purpose for collecting this data is to allow the SANS Institute and your employer to assign, deliver, record and report on your cybersecurity training. Your information and training records will be shared only with you and your employer.

At any time you have the right to receive a copy of the personal data you have provided to us in an electronically readable format.

A data protection regime is in place to oversee the effective and secure transmission, processing, storage, and eventual disposal of your personal data, and data related to your training. The SANS Institute will retain your data until you request that it be removed, after which it will be securely disposed of. The SANS Institute will never sell your personally identifiable data and will only share your personally identifiable data with SANS cyber security solutions partners when you provide agreement to do so.

When you consent to us using your information for the purposes of sending you information on SANS products or services you are providing us with your consent to send you materials detailing our products and services that we consider will be of interest to you, based on your use of the educational material that we provide as resources. We profile you this way to make the materials more relevant to you. We will only send you information on products from within the SANS services portfolio.

If, at any point, you believe your personal information to be incorrect, you may request to see a copy of your data, ask to have the errant data corrected, or ask that it be securely disposed of. If your information is provided by your employer, the SANS Institute will work directly with your employer to promptly address the matter. If you wish to raise a complaint or concern, or have questions relating to GDPR, please contact the Data Protection Officer via gdprprivacy@sans.org.

SANS has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to the EU Data Protection Authorities (DPAs), or where applicable instead, to the Swiss Federal Data Protection and Information Commissioner. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit the following web site for more information and to file a complaint with the EU DPAs: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm

You may, at any time, withdraw your consent; to do so, please contact gdprprivacy@sans.org.

The SANS Institute is a U.S. company founded in 1989 that specializes in information security and cybersecurity training. All information provided to SANS Institute will be transferred to and processed in the United States. The SANS Institute is committed to comply with the Privacy Shield Framework which has been found adequate by the European Commission to enable international data transfer under EU law. For more information, please see www.sans.org or contact gdprprivacy@sans.org.

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.
SANS Security Awareness

301-654-SANS (7267)
Monday-Friday, 9am-8pm EST/EDT

Social

  • Facebook
  • Twitter
  • Linked In

Footer

  • Products
  • Why SANS
  • About
  • Reports
  • Resources

Footer utility

  • Support
  • SANS.org
  • Contact
  • VLE Help

Stay up-to-date on the latest security awareness news and tips. 

Subscribe to our monthly newsletter, OUCH!

Subscribe Now

Copyright Nav

  • ©2018 SANS™ Institute
  • Privacy Policy
  • Trademark Usage Policy
  • Credits