{"id":7965,"date":"2020-05-28T07:32:39","date_gmt":"2020-05-28T07:32:39","guid":{"rendered":"http:\/\/blog.experfy.com\/?p=7965"},"modified":"2023-12-11T10:57:55","modified_gmt":"2023-12-11T10:57:55","slug":"working-from-home-are-you-cybersecure-part-2","status":"publish","type":"post","link":"https:\/\/www.experfy.com\/blog\/future-of-work\/working-from-home-are-you-cybersecure-part-2\/","title":{"rendered":"Working from Home? Are you Cybersecure? (Part 2)"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

In Part 1 of this miniseries, I mentioned that when I was young my mother always used to tell me that I was \u201cspecial,\u201d and that I foolishly took this to be a compliment. However, by some strange quirk of fate, it turns out that she was right (how could I ever have doubted her?).<\/p>\n\n\n\n

In that column, I also described my personal cybersecurity setup, leaving us on a \u201ccliff-hanger\u201d with regard to the use of virtual private networks (VPNs).<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

When you connect your computer to the internet from home, you do so via your internet service provider (ISP), which can monitor \u2014 and potentially log \u2014 everywhere you go and everything you do. Even worse, any sufficiently adroit nefarious players can do much the same thing.<\/p>\n\n\n

\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

\n

The VPN<\/h2>\n<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

One solution is to use a VPN. In this case, when you launch the client app on your computer, it immediately establishes an encrypted channel between your machine and the VPN provider\u2019s servers. Now, anything you do that uses the internet, including sending emails and browsing the web, automatically travels through your encrypted VPN channel, which means that all your ISP can see looks like gibberish. Furthermore, you can use your VPN to make it appear as though you are based anywhere in the world \u2014 I like to pop-up in weird and wonderful locations \u2014 although I\u2019m not actually convinced this helps me in any way.<\/p>\n\n\n\n

If you have a home computer that\u2019s provided by your company, it may be that the corporate IT folks have already equipped it with a VPN. Alternatively, there are a variety of providers available, such as\u00a0NordVPN<\/a>,\u00a0PureVPN<\/a>, and\u00a0Norton Secure VPN<\/a>. Furthermore, if you use Linux as your operating system, I just heard that there\u2019s an open source VPN called\u00a0WireGuard<\/a>\u00a0in the newly released Linux 5.6 kernel.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

Now, VPNs are wonderful, and I\u2019m jolly glad to have one. Sad to relate, however, there is a \u201cgotcha\u201d \u2014 a fly in the soup or an elephant in the room, as it were (feel free to pick the metaphor of your choice). The thing is that VPNs do a good job when you\u2019re using wired connections \u2014 like an Ethernet cable connecting your computer to your home router \u2014 but they don\u2019t cover layers 2 and 3 of the\u00a0Open Systems Interconnection<\/a>\u00a0(OSI) model when you are using WiFi.<\/p>\n\n\n\n

What this means is that, even when using a VPN, although the data frames of the WiFi packets are encrypted, the control management frames aren\u2019t. In turn, this means an attacker can re-initiate your connection (thus re-initiating your VPN client) any time he or she wishes. The bottom line is that, whenever you are using WiFi, you are vulnerable. This is especially true in public places like coffee bars, hotels, and airports, but it\u2019s also the case on private networks like those at your office or home.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

I can imagine you sitting at home reading this on your screen, glancing at the WiFi icon on the status bar, and thinking \u201cWhat! Noooo!\u201d I know that\u2019s what I thought when I first heard this. Fortunately, help is at hand from a company called\u00a0WifiWall<\/a>.<\/p>\n\n\n\n

The guys and gals at WifiWall have a system called WifiWall Dome, which can be used by IT folks to protect companies, airports, industrial facilities, and\u2026 the list goes on. The WifiWall Dome provides continuous monitoring and analysis of 802.11 traffic and access points (APs), detection of Wi-Fi attacks such as Rogue Access Point, Evil Twin, Man in the Middle, Channel switching, ARP poisoning, beacon, and more, and also real-time geo-location of rogue access points and evil twins.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\tThe WifiWall Dome can be used to protect companies, airports, caf\u00e9s, etc. (Image source: WifiWall)\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

Now, this is all well and good if you are in a location that\u2019s protected by a WifiWall Dome, such as your company\u2019s headquarters, for example, but what if you are out on the road, visiting clients, staying in hotels, or working from home? Well, in this case, your IT department can issue you with a device called a WifiWall Traveler, which is roughly the same size as a pack of Tic-Tac mints.<\/p>\n\n\n\n

As you meander your way around the world, your Traveler constantly monitors any WiFi networks it sees, classifying them as being safe, worrying, or active threats (e.g., rogue access points). Furthermore, you inform your Traveler as to the MAC addresses (unique IDs) of your various systems. In my case, my Traveler knows the MAC addresses of my tower computer, my laptop computer, my iPhone, and my iPad Pro. The Traveler \u201csniffs\u201d any WiFi packets that fly under its metaphorical nose, paying particular attention to any packets with the MAC addresses of any of your devices.<\/p>\n\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

If the Traveler sees anything untoward or detects an attack, it will send a Channel Switch 802.11 command to your device instructing it to immediately terminate its connection to the WiFi, thereby blocking the attack and protecting the integrity of your system and data.<\/p>\n\n\n\n

Unfortunately, WifiWall Travelers are currently available only as part of a full-up corporate WifiWall Dome solution. So, how is it that I have one? Well, as I mentioned earlier, I\u2019m special. In addition to my rugged good looks and the fact that I\u2019m a trend-setter and a leader of fashion, the folks at WifiWall were kind enough to send me a standalone WifiWall Traveler for my personal protection.<\/p>\n\n\n\n

A couple of days ago at the time of this writing, our governor ordered a \u201cshelter-in-place\u201d to commence at 5:00 p.m. that evening, so I drove to my office to pick up my main computer and bring it home. Before I set off to the office, I cleared my WifiWall Traveler and dropped it in my pocket. As you can see in the photo at the start of this column, which was taken as soon as I returned home, over the course of that one short round trip, my Traveler detected 249 WiFi networks it deemed to be suspicious (it doesn\u2019t bother telling me about the good ones).<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\n

OMG is all I can say. Happily, I have good news. I was chatting with the folks at WifiWall, and they tell me that, since things have changed so dramatically, so quickly, with so many people now working from home, they are working \u201cnights as the days\u201d as the old Hebrew saying goes on a new \u201cWifiWall Dome for Home\u201d product. This \u201cDome for Home\u201d will include a mini-Dome and one or more Travelers, thereby allowing organizations to distribute out-of-the-box Wi-Fi security solutions to each of their employees.<\/p>\n\n\n\n

Next time, we will consider some additional technologies you can use to protect the integrity of your data and your systems while working at home. In the meantime, as always, I welcome any cybersecurity-related comments, questions, and suggestions, along with any cybersecurity stories you care to share.<\/p>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Consider some additional technologies you can use to protect the integrity of your data and your systems while working at home. One solution is to use a VPN. In this case, when you launch the client app on your computer, it immediately establishes an encrypted channel between your machine and the VPN provider\u2019s servers.<\/p>\n","protected":false},"author":760,"featured_media":8045,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[182],"tags":[127,108,227,220,727],"ppma_author":[3615],"class_list":["post-7965","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-future-of-work","tag-cybersecurity","tag-future-of-work","tag-vpn","tag-work-from-home","tag-working-from-home"],"authors":[{"term_id":3615,"user_id":760,"is_guest":0,"slug":"clive-max-maxfield-2-2","display_name":"Clive Maxfield","avatar_url":"https:\/\/www.experfy.com\/blog\/wp-content\/uploads\/2020\/04\/medium_d96bfe3c-1e79-40e7-98cd-26c9c80fb5b5-150x150.jpg","user_url":"https:\/\/www.clivemaxfield.com\/coolbeans\/","last_name":"Maxfield","first_name":"Clive","job_title":"","description":"Clive (Max) Maxfield is Collector and Communicator of Technological Information at Maxfield High-Tech Consulting. He wrote books on Electronics, Computing, FPGAs, Mathematics, and 3D Graphics. In the past, he had acted as Contributing Editor, Editor, and Editor-in-Chief at a variety of publications, including EETimes.com, Embedded.com, and EEWeb.com."}],"_links":{"self":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/7965","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/users\/760"}],"replies":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/comments?post=7965"}],"version-history":[{"count":7,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/7965\/revisions"}],"predecessor-version":[{"id":34814,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/7965\/revisions\/34814"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media\/8045"}],"wp:attachment":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media?parent=7965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/categories?post=7965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/tags?post=7965"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=7965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}