In Depth
Seven Deadly Sins of Home Office Security
Whether your home office is for the occasional WAH or you're running a business from the house, are you guilty of one of these security oversights?
By Joan Goodchild, Senior Editor
"People think: 'I'm at home, no one is going to bother my home network,'" he said. "But by configuring the security properly, you make it difficult enough that criminals go elsewhere to find lower hanging fruit." (See also: Top 9 Network Security Threats in 2009)
Krein's checklist for security layers includes: a network firewall and good antivirus/anti-malware software, kept up-to-date.
He also recommends that those who have several computers in the home put a personal firewall on any laptop they are using to further protect it from infections that may have gotten into other computers in the home network. If your laptop has Windows XP, it comes with a personal firewall; all you have to do is enable it. Windows Vista has a firewall that is turned on by default. But if you're not working with a system that already has a personal firewall, software is available from most major security-software vendors.
Forgetting Wi-Fi security
How many wireless networks can you log onto at home? Can you see your neighbor's network? Sure, you only log into your own. But can you trust everyone to be so ethical? How easily could someone get onto your network and see sensitive information?
Krein advises that home networks have some kind of encryption, such as Wi-Fi Protected Access, or the newer standard of encryption known as WPA2, enabled. It is important, said Krein, to ensure your wireless router is enabled and configured for encryption and that all wireless network devices are configured properly so the security will work. It takes some time, he said, but it is well worth it.
Most newer Wi-Fi-certified devices support WPA protocol; it is just a matter of configuring it properly to work, which is information you can probably get simply from the owner's manual of your wireless router. But if you are using an older device, you may need to upgrade.
Also see Wireless Security: The Basics
Failing to separate your business from your home
While it may not be necessary in all instances of home office scenarios, Krein recommends considering the nature of your work when deciding whether or not you need to segregate your work network from your home network. Certain types of work are subject to various laws and regulations. Using the same computer for work as you do for personal business could present an ethical, or even legal, issue."
"If you are doing work that requires PCI compliance, such as working with credit card numbers, or if its medical work and you are bound by HIPAA rules, you would want to segregate your networks."
$firstKeyword
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
