We connect a lot of devices to many networks every day and sometimes we don’t realize how many networks we have connected to at the end of the day. We all use mobile devices such as cell phones, tablets and a multitude of other wireless devices. Every connection puts us at risk for things like exposing personal identifiable information, as well as encountering malware that can steal our data or otherwise compromise our information.

Every day we connect a myriad of devices to our home networks, the organizational network and public networks. We connect so many devices that sometimes we don’t even realize how many devices we have in our possession and we don’t even realize that some of these devices have made established connections to various internet services and they are all sharing information. We highlight the ways in which internet-connected devices have impacted our lives and will empower all users to own their role in security by taking steps to reduce their risks such as:

• Rename routers and networks used at home. Don’t keep the factory default name (i.e. Linksys).
• Use strong passwords.
• Keep all your devices updated.
• Turn on encryption if available.
• Use multiple firewalls such as hardware firewalls and software firewalls.
• Turn off the WPS (Wi-Fi protected setup) setting for your home router.
• Use a VPN (virtual private network) when high security is needed.

Devices such as gaming devices, e-readers and digital speakers are all great devices to have in our homes. They entertain us and they increase our productivity but we cannot take for granted that these devices are “innocent” devices that connect to the internet and by default will have all the settings necessary to protect our data and protect our identity. A common threat that can manifest as a result of ignoring protecting for your devices are phishing attacks and in contrast to a virus on your computer a phishing attack can seem very harmless and can be introduced to your device or home network relatively innocently. The most common phishing we know about are those phony emails that bombard us from “The Prince in Nigeria” or the “Long Lost Relative That Won The Lottery”. But phishing attacks can be presented as harmless looking pop-up advertisement or a link that looks like a legitimate page.

In summary, it is a tool and method attackers use to try and coerce people into clicking on a malicious site or download, potentially leading to a security issue. On the dark web, phishing is a very popular and effective way to try to steal data, lock data, delete data, gain access, or take over a computer. Phishing usually comes through email but can come via text message or other collaboration apps like Google Chat, Zoom, or other common collaboration applications. Phishing is usually obvious, and the above signs show prominently. However, some phishing attempts are tricky and it’s hard to spot a legitimate message from an illegitimate one. For example, amid the current crisis, many phishing attempts are using COVID-19 as their hook. Also, we’ll all recall, shortly after GDPR was passed there was a flurry of companies sending out updates to their privacy policy and emailing people about it. Well, attackers took advantage of this world-wide explosion of privacy policy updates and tricked many into clicking the links to “view or accept the new privacy policy.”

Our “new normal” means that we are all working from home and learning wherever it is safe and comfortable for us. The dining table now substitutes as our mobile office and a hammock tied to a tree in the backyard could also substitute as a conference room. This freedom is great for our “new normal” but we must be cognizant that everything we do online has potential risks that can compromise your data. It is important to always be conscious of what content you’re accessing online, where you’re accessing it and what device you’re using to access that content. Because of this, if you connect it, protect it.