Do you have more than three computers in your home? According to the Cybersecurity & Infrastructure Security Agency, one of those computers has malware on it. Almost half of all American adults (47%) have had their personal information exposed by cyber criminals, and 600,000 Facebook accounts are hacked daily.
How can you keep your family and information safe when surfing the internet at home?
“It’s not as complicated as some of us can make it out to be,” says Lisa Plaggemier, executive director of the National Cybersecurity Alliance (NCA). “The worst thing you can do is nothing.”
Lisa recently shared with us important home internet safety tips every homeowner needs to know (including you)!
To connect or not to connect?
Most households are now running an entire network of devices that are all linked to the internet. Before purchasing your next device or even start on your smart home journey, consider if you really need that smart toaster.
“I don’t have anything that doesn’t absolutely positively need to be connected because there’s an old phrase in cybersecurity,” says Lisa, who has headed the NCA for more than four years. “If it’s connected, it’s hackable.”
Even smart lights come with security risks and have been used to plant malware.
While many smart home devices help with energy efficiency and convenience – thermostats, TVs, lights, cameras, locks – they also come with risks to our privacy and security.
“We’re very quick as a society to trade off convenience for those other things,” says Lisa. “In most cases, we don’t understand the tradeoff we’re making and the role we play in making sure that our security and our privacy are protected.”
Top home internet safety tips
A few quick tips you can do to protect your information and privacy include:
1. Change your default router name and password.
“Don’t use the name of your router or the password that it came with,” says Lisa. “There are default passwords on routers when you take them out of the box, and unfortunately, you can Google those. They’re very easy to find online.”
2. Keep your devices’ software up to date.
“A lot of those updates include security fixes known as patches,” says Lisa, “so it’s really, really important to run those.”
NCA recommends homeowners set up automatic updates, so homeowners don’t hit “remind me later” and miss an important update. If you can’t set a device to update automatically, then complete the updates your device notifies you.
“My device flashes color when there’s new updates,” says Lisa.
3. Set up a guest network.
“You should have a network for your family and then a guest network for guests,” says Lisa. “Then you can also use the guest network for all those devices that we talk about – the Internet of Things devices or IoT devices.”
This way, your private information – banking, home insurance, emails, etc. – stays private.
If you work from home, use your guest network for work-related business and use your company’s VPN to secure the connection.
4. Use VPN when away from your private network.
Virtual private networks (VPNs) are generally used for remote work as they provide the same protections to workers and computers at home that are provided in the office on the corporate network. They are also great for personal use.
“I like VPNs for personal use as well, especially if you are not at home and you’re in a hotel or at a coffee shop,” says Lisa. “They’re a lot more affordable than they used to be for individuals.”
Read before changing your passwords!
The advice on passwords has changed over the last couple of years. Many organizations used to encourage people (and employees) to change passwords every 60 days or so. That’s not the case anymore.
“The National Institute of Science and Technology discovered that [recommendation] led to a whole bunch of bad habits,” says Lisa. “We started using patterns like just changing a few numbers or letters but using the same core password.”
This makes it easy for hackers to use software to crack those passwords by working through iterations. If even one password is stolen in a breach, more than one account could be vulnerable.
Today, you may be able to keep your password indefinitely if you complete the following simple steps.
1. Use complex passwords and multifactor authentication (MFA) for every single account.
“If your passwords are long and complex and you’ve secured the account with MFA, then you don’t need to worry about changing the password,” says Lisa.
Since there have been so many data breaches and many of us use the same password for multiple accounts, MFA can help to keep your information safe.
Explains Lisa, “MFA means that if somebody has your password or a version of your password, they can’t get into your account with just that password alone unless they also have access to your phone or your computer.”
NCA recommends authenticator apps with facial recognition.
“I find the authenticator apps incredibly easy to use if you have facial recognition on your phone,” says Lisa. “You get that push notification. All you have to do is look at your phone and boom, that’s it. You’re into your account.”
2. Use password managers.
“Even though there’s some bad press on those lately, we’re still fans of password managers,” says Lisa.
You may wonder about the safety of a password manager since many people assume they are “putting all their eggs in one basket.” However, password managers are very secure. All you have to do is keep track of the password for the password manager, and it remembers everything else.
“It can also think of a long complex password for a new account a lot faster than I can,” says Lisa, “and it can type my credentials a lot faster than I can.”
Password managers also make it easier and safer to share passwords, especially with family members.
“We all text passwords to each other. We have emailed passwords to each other. All these things are much less secure than a password manager,” says Lisa.
3. Log out of accounts.
“If a device isn’t powered up and not connected to the internet, it can’t be accessed,” says Lisa. “I’ll say the same for your online accounts. If you’re not logged into them all the time, it’s a lot harder for somebody else to break into that account.”
4. Only give access to data when necessary.
“A rule of thumb as far as security and privacy settings go – you should give [apps] access only to the data that they need to provide the service or convenience to you,” says Lisa.
One such example is OpenTable, which is an app used to find local places to eat and make restaurant reservations.
“Clearly, OpenTable needs access to my location data on my phone,” says Lisa. “It doesn’t need access to things like my photos or my contacts.”
However, when people are hungry and downloading the app for the first time, they may accept certain settings without reading the terms and conditions. App users need to change their mindset and prioritize their privacy with apps.
“Just enough data and not a bite more,” says Lisa. “That’s a good way to think about it.”
You’ll also need to be conscious to setting changes and terms and conditions updates.
“Settings that we configured six months ago might have gotten reconfigured in the process of running updates without us realizing what was going on,” says Lisa.
It’s a good habit to check your privacy updates on a routine basis (monthly or quarterly) and see what changes have been made. Sometimes, these settings and terms and conditions may be difficult to find, which is why staysafeonline.org created a list of these for social media and other frequently used websites.
Where to keep your home information
As mentioned earlier, your phone and your email are not secure, and even your photos can easily be compromised. Random apps may have access to the information on your phone, and you do not want your homeowners insurance or other important documents available to hackers.
“In our house, we keep the originals in a bank safe deposit box,” says Lisa, “and then we keep scanned copies in the cloud.”
This is especially important in the event of a home disaster, such as a fire or terrible flood.
“If you think about the worst-case scenario, you need to be able to access these documents,” says Lisa. “What if it were the beginning of a three-day weekend holiday and the banks are closed until Tuesday? That’s why I say don’t just keep a paper copy in the safe deposit box.”
Keeping scanned copies in the cloud can help you get access to your documents with a simple computer or device and an internet connection.
The vipHomeLink app can help! (Learn more below.)
Where and how to start your home internet safety efforts
The important thing is to start, and an easy place to begin is with a password manager. First, pick one after completing research. (Tom’s Guide and Consumer Reports have reviews on password managers.) Then, start small.
“You don’t have to put all your passwords in there at once or change all your passwords on everything all at once,” says Lisa. “Load in your most important accounts, like your financial services accounts, your homeowner’s insurance, etc.”
Once you install the manager on your browser, it will ask you if you want to add different accounts that you visit as you visit them. If you’re using the same password in multiple places, it will prompt you to change that. If you’re using passwords that are too weak, it will prompt you to change those as well.
“Don’t be intimidated,” says Lisa, “Just start somewhere, and you’ll see how easy it can be.”
Keep your home information secure
Between hurricanes, home fires, and hackers, you need some place to secure your home information. vipHomeLink can help! Our home management app gives you one secure place to store all your home documents and receipts, and our servers are HIPAA-compliant. So you know your information is safe.
In less than four minutes, you can download the app, claim your home, and enjoy a simplified homeownership experience.
Get the app today!