My Digital Ecosystem – what is it, and what can I do with it, and how can I secure it?
As the “Internet of Things” have become more and more common in our home, one thing we can be sure of, is that now, there are more vectors for privacy violations than ever before.
“Internet of Things” (commonly called IoT) are virtually anything other than a computer, that connects to the internet. So, consider, your wireless phone. Consider your Alexa or Google Home device, or your Home Television. Further, consider “Smart” appliances you may have: coffee pots, refrigerators, kitchen or living room lights, surveillance cameras, “smart” outlets, even air purifiers are going the way of wanting your Wi-Fi password or an Ethernet jack to hook into – all for the sake of getting online and getting “Smart.”
While all of these things are opening up a new world of convenience and opportunities to make our lives a little easier (imagine not having to go through your fridge all the time to find out what you are short on! Your “Smart” fridge may know you’re low on its own, and order it FOR you!) – every single device opens up a potential “hole” through the virtual wall surrounding your home and family’s digital footprint. Enter, what I like to call, the “digital ecosystem.”
The digital ecosystem is the full environment of digital devices that, either actively or passively, have become part of your daily life. The easiest things to think of when it comes to this, is your computer, laptop and your wireless phone. What is often overlooked are the other digital devices that become part of your life, but may be less obvious – such as “smart” lights and appliances we set up that first time, and often forget about, Google or Alexa devices, etc. “Smart” set-top devices, such as Android or Apple TV devices, and internet-enabled game consoles also are a part of your digital ecosystem.
Updates to these devices, and being well-supported from a good manufacturer and good brand are among the most important things that keep our devices refreshed, patched against digital attackers, and thus keeps our digital ecosystem more secure. In the event a device becomes compromised, there are actions that you can take to mitigate personal compromises, and help keep you safe:
- Dedicate a Wi-Fi and Ethernet network to your IoT devices, and don’t allow them to cross over into your standard home network. By utilizing subnets and virtual local area networks, this sets up a “walled garden” for them to be used in – that is far less likely to compromise your computers, personal data, or anything else that is off of these. It’s basically keeping your IoT devices internet enabled, but keeping them in a figurative kiddie pool – where they don’t get to play around with your primary network.
- Consider what features you really want out of smart devices, and be smart about purchasing them. Personally, I like the calendar features and photo-frame aspect of smart displays. Do I need them to listen in on everything I’m talking about (I.e., a Google or Alexa) to do that? Nope! So, instead of a Google or Alexa, I decded to go with a Family Planning calendar, that also has picture capability, too! Also, as much as I love the idea of my fridge ordering my food for me when I run low, so I don’t have to, I don’t really need it. So, I have just a standard fridge.
- Secure your online accounts utilizing two-factor authentication (also known as “2FA”). Using two factors of verification (Factor 1: your password, which is something you “know” and Factor 2: A device capable of calculating or receiving a code, to type in, which is something you “have”), this secures your online logins, such as your email, your banking accounts, your shopping accounts, etc, against someone logging into it without your permission. When you have concluded your business on these pages, be sure to log out of them! This helps keep your data secure from phishing attacks, or even just simple theft attacks! Easy ways to utilize 2FA is through physical security keys, such as YubiKey. To learn more about how 2FA works with a physical key, check this link out – it uses YubiKey to set up a 2FA solution.
- Consider VPN and secure email and storage options for your active devices, such as those from Proton. Proton natively supports 2FA across its entire suite of products, and also has security superior to most providers. Included in its suite of products is ProtonVPN, ProtonDrive, ProtonCalendar, and its original product, ProtonMail. Click each link to learn more about each product!
- Last, but certainly not least – KEEP YOUR PASSWORDS CHANGED! Establishing a robust, strong password scheme helps keep phishing or brute-force attacks from penetrating, and thus damaging and spreading, within your digital ecosystem; but you will need to stay on top of this. A lot of security, you can, indeed automate. 2FA will help provide an extra layer of defense – but only you can come up with, and implement a strong password setup, and keeping it changed.
I hope this helps you! If we can be of any help, let us know!
-- Sam