Last Wednesday, I started my 10 Week IT Security Challenge on Twitter ( CdtConsulting ) and Instagram ( cdt_on_tour ). The first task looks super easy: Make a list of all technical devices in the room. So, how does your list look like?
- Laptop/ PC
What about those?
- Printer/ Scanner/ Fax
- Fixed Telephone
- Audio System/ Speakers
- Monitors/ TV Screens
And if you are an Internet of Things enthusiast, living in a Smart Home:
- Air Condition
- Alarm System
- Access Control
Yes, all these devices use your local network or the internet to communicate with other devices. Therefore, you should put them all on your IT Security list. No matter when you bought a device and who sold it to you – most come without any Security applications. That makes it easy for hackers to gain control of your data – and household.
Talking about “Hackers”, most people think of sloppy kiddies, sitting somewhere in a basement room, preparing the next attack. Those are the same people, who say thinks like “I can’t get a computer virus, my internet is too slow.” A healthy respect for hackers is a great basis for a working IT Security strategy! Hacking is a business model. One that works pretty well. And it works so well, because so many people think, they cannot get hacked.
Poster with potential security holes (from RefiGuide.org / t3n.de)
Even if you and your data is not interesting for someone else, maybe your company’s data is. More and more companies allow their employees to bring their own devices and work from home. But do they organise regular security updates? Do they check their employee’s home network and all connected devices? If you know a company that does so, please leave a comment. I never heard of one.
IT Security works like a vaccination: From time to time, every device in a network should get an update. When there is one sick device around, it could infect all the others immediately. I know, IT infrastructure and security updates cost time and money. Also, most small and medium sized businesses do not have an own IT department or someone who could take care of this. So the best way would be, if every employee knows a little about possible precautions. Then he could execute all updates by himself.
That’s the mission of my IT Security Challenge: a step by step guide to more IT Security for everyone. There is no 100% secure network ever. But your’s will look much better, when finishing all 10 tasks.