What have you changed with your own security posture?

shochan

Everyone is hacked...it's our daily IT news....

So, have you done anything about it?  What have you improved on?  Better social media security?  Longer/complex passwords?  Upgrade your firewall/router at home?  Encrypting your own hdd's?  Mobile device awareness (not jumping on free wifi, disabling bluetooth, AV),  Password managers, Honeypot on your home network so you can see who might be attacking you, IPS/IDS installed, VPN on whenever you surf, Using proxies all the time, using a more "secure" browser, etc...etc...etc...

Tell me, it would be interesting to hear and learn new security methods.

cheers!

mikey88

I've read somewhere that not reusing passwords and not clicking on email links eliminates like %90 breaches. So, that's a good place to start. I do some of the things you mentioned but definitely not all.

NetworkNewb

Most security breaches happen because someone did something they weren't supposed to do.  Or things just not getting updated.   Easy things for an individual to keep track of at home if they actually care even a little about it.   Don't need a fancy security system at home to stop hackers.    Just keep your passwords and important information in a secure space. 

Companies get hacked because multiple that one individual by 10,000 and your chances someone screws something up somewhere is almost guaranteed.   

cyberguypr

Agree with NetworkNewb. Sticking to the basics is the key:
- Password managers to mitigate password reuse
- Patching
- Don't click on random crap
- Low privilege accounts for everyday use
- Harden devices (encrypt, shutdown unused stuff, etc.)
- etc.
I lead an infosec team protecting very important stuff and have nothing fancy in my home network for prod. I only deploy tools on my lab so I can keep up to speed. My only concern at home is availability. I have automated most of my important backups to cloud destinations but currently working on figuring out a "dead man's switch" solution to ensure my family gets encryption keys and access to my stuff if I'm not around.

Fulcrum45

I try to follow best practices in general but sometimes it's a moot point. The VA has lost my information three times due to stolen laptops. Equifax certainly didn't help things either for anybody. It's not tech, but I've since added ID theft protection (more like insurance) and treat it like my water or electric bill- just a modern day necessity. 

PC509

I'm not sure if we're the best crowd to gauge what people are doing to secure their stuff. I know myself and many others go way overboard not because we're paranoid, but because we want to learn the stuff. We go overboard with the firewall, SIEM, IDS/IPS, VPN's, etc. as part of our home network just for fun. Yes, it adds security, but it's also not very typical. I have some of that stuff, but it's not to be more secure, it's to learn and play with the stuff for fun. Additional security is a byproduct. 

I do use 2FA whenever I can, don't reuse passwords, encrypt my information at home, regular backups, updates. Firewall/SIEM/IDS is just for fun.  

Pseudonymous

- Password manager and 2FA when available

- I regularly update my passwords

- I delete all unused old accounts instead of just letting them sit around

- I only use disposable gift cards or disposable virtual cards for online purchases

- Credit is frozen

- *edit* I also use VPN when I'm not home

AvgITGeek

Every single account has a different password. My security issue with this is that I have all of them stored in Outlook in a PST. I guess someone would have to gain access to my computer and grab my PST.

Bank is 2FA along with work VPN.

That has been working for me.

LonerVamp

I'm old and been in this game a long time, so I can't say that lately I have changed many habits to be more secure. On the contrary, I probably have relaxed things over the years. I've gotten over needing to be anonymous everywhere; I've relaxed what I try to keep to my chest, since, well, that ship sails whether we're involved or not. I also don't get too crazy at home, because, maintaining things at home to crazy standards and maintaining honeypots and things like that can really steal time away from life, ya know? I've often started out on the secure route...which means not too much surprises me (never used Facebook, saw that writing on the wall from day 1 when I wasn't even allowed on yet due to being too old...haven't trusted Google since they went public...still use cash every chance I have...etc).

If anything, I probably rotate my important passwords more often, but usually in large swaths. I don't do cloud password managers or browser helpers. I keep them in an encrypted file. If I need them at, say, work or while using another laptop, it's on me to copy it over there and the tools to read it.

I also increasingly think about the future and if I may not be in it. As such, I do have a way for loved ones to recover all of the above in such an event.

jeremy_dfir

We have recently moved to what is known as Tactical Analytics. We take the most common attacks from MITRE's ATT&CK or we analyze attacker TTPs found in our honeypots and we then test (emulate) them against our defense solutions.

Whatever goes through, we try to create a detection for it. A SIEM query, an IDS rule etc.

cyberguypr

jeremy_dfir said:

We have recently moved to what is known as Tactical Analytics. We take the most common attacks from MITRE's ATT&CK or we analyze attacker TTPs found in our honeypots and we then test (emulate) them against our defense solutions.

Whatever goes through, we try to create a detection for it. A SIEM query, an IDS rule etc.

 Man, that is THE tightest personal security posture! 

jeremy_dfir

@cyberguypr

This is what we do in the organization i work for... and again... we really strive towards achieving this..... Too difficult to find the perfect balance....

Sorry if i wasn't clear enough.... This is not my personal project....

cyberguypr

That makes more sense. Read it in the context of the discussion, which was personal.

sil3nt_n1nja

I have been experimenting with a custom ELK that ingests sysmon and firewall logs. Being a red team guy, i am still amazed by the legit parent-child relations that i didn't know about

Azt7

I basically apply corporate concepts to home security : 

• DR (local and cloud)
• Perimeter (  Firewall / SIEM / IPS / IDS, TLD blocking, guest network)
• Endpoint (multiple detection engine on all devices, encryption / remote wipe / localization on mobiles)
• 2FA & custom password management

... 

Quite a few things. Thankfully, the family is aware of things and embraced all that layering over time !

sil3nt_n1nja

Thankfully, the family is aware of things and embraced all that layering over time ! <- I loved that part of your post @Azt7

My wife comes across 2FA when trying to access sensitive accounts of mine