Layer 2 - Network/Communication
More About Level 2 - NETWORK/Communication
Let’s discuss Layer 2—network and communication. This is the layer we traditionally thought of when we talked about cybersecurity. In the past, a big focus was on securing your perimeter, and it was much easier then because all of your devices were in your network.
Today, all of your devices don’t stay within the home network. Your computer is no longer used just at home. Your laptop goes with you, and your phone, a mini computer, does too. Due to the mobility of all your devices, it’s more challenging to protect your perimeter.
Your network connections are also more challenging and complicated. We even connect smart lights, doorbell cameras, and other Internet of Things (IoT) devices to our home network.
Although we connect more device to the internet and we connect from many different places, it doesn’t reduce our need for perimeter protection. It just makes it more complicated. We believe you need a really secure network.
How do you get a secure network? You need a router, firewall, and Intrusion Detection System (IDS), and great VPN solutions. You need these things to protect your hardware from viruses and other cybersecurity risks.
As a company that is concerned about your family cybersecurity, we want you to take your online network and communication system seriously. You need to protect your network and communication at home and when you are mobile.
How do you make sure you are protected when you are not inside your home perimeter?
When you travel internationally, you must carefully consider your cellular service. If you are at a second home, how do you protect your network there? How is your network divided? With a few small changes, you could become much more secure than you are now, and you can reduce your threat landscape, or attack surface.
You need some robust solutions to protect your family. The higher your net worth or your public profile, the higher your cybersecurity risks are. You become more of a targeted group. If you have celebrity status, your security risks increase exponentially.
If you are not a targeted family and you just want great hardware, we are a big fan of NETGEAR’s higher end products. Integrated into NETGEAR’s Orbi solutions is a tool called Circle, which we will discuss more in Layer 5. Circle gives you the ability to monitor, audit, and block content and other things.
If you are someone who is targeted, we recommend you go a step higher and use Meraki from Cisco, or you can choose another commercial or enterprise solution. Now this does cost significantly more, but we think it’s important.
Now that we’ve discussed your internal network, let’s address your Wi-Fi. What are you doing with your Wi-Fi? Do you only have one Wi-Fi network? Do you give your password to your kids’ friends or anybody who visits? This basically opens you up to be potentially compromised because people who visit your home may have a compromised device. When they connect their compromised devices to your network, your network could become compromised.
It’s hard to stop people from connecting at your home, so get a guest network. I have a secure network that is separate from the other networks that I don’t even let my kids on. More importantly, those Internet of Things (IoT) devices should be on a separate network too. Today, we have tons of IoT devices—things like lights, the coffee maker, and maybe even your refrigerator. If you put your TV or other IoT device on your home network, it will make it easier to compromise your computer or your phone.
We recommend you have a VPN. It doesn’t protect against everything, but this keeps your communication private. If you are at a coffee shop or somewhere else, the VPN keeps your data hidden from others, and it also keeps the websites you are visiting hidden from others. For example, this prevents people from seeing that you visited your bank’s website.
Redegades recommends that you have the VPN configured, monitored, and maintained. So, we really recommend you get some service to help you make sure that this networking communication and configuration is done in a very robust way and that you have a mature configuration. This is not something that should be set up on your own unless you have a background in cybersecurity.
There is still a big need to harden the perimeter, and the best way to do this is through enterprise or commercial grade hardware.
For more information, please see our workbook. We will be releasing a cybersecurity book for families later this year. It’s called Targeted, and the book will help you avoid being a target for cyber criminals.