Croatia - Flag Croatia

Incoterms:DDP
All prices include duty and customs fees on select shipping methods.

Please confirm your currency selection:

Croatian Kuna
Free shipping on most orders over 400 kn (HRK)
Payment accepted in Credit cards only

Euros
Free shipping on most orders over 50 € (EUR)
All payment options available

US Dollars
Free shipping on most orders over $60 (USD)
All payment options available

Bench Talk for Design Engineers

Bench Talk

rss

Bench Talk for Design Engineers | The Official Blog of Mouser Electronics


Work From Home Cybersecurity Tips for Engineers Clive  Maxfield

(Source: Song_about_summer/Shutterstock.com)

Many of my techno-friends are employed by large companies and—until recently—spent their working days ensconced in their corporate facilities. I also have sundry friends who are freelance consultants, covering things such as hardware design, software development, embedded systems, and security. Many of this latter group work out of home offices.

I’m a freelance consultant, but–rather than work out of my home–I rent an office in a complex downtown. One reason for this is that I don’t have space at home to establish a fully functioning office, but I also try to keep my professional and private lives separate.

Of course, all of this changed with a shelter-in-place order. Since that edict, I’ve been working from my kitchen table. Like many, I’m worried about the level of cybersecurity I have at home. Is what I have good enough? At least I’ve had some time to prepare since I’ve been working from home on occasion for the past couple of decades. By comparison, a lot of engineers who—until now—have predominantly worked in the office and relied on their corporate IT department to handle the security, now find themselves up to their armpits in security concerns.

And what about the IT folks themselves? At many companies, IT teams are scrambling because they’ve gone from having a small percentage of employees working occasionally (one or two days a week, or maybe a month) from home, to having almost 100 percent of their workforce toiling remotely.

Let’s explore some of the security options available that can help protect important information no matter where the office is set up.

A Base-Level Security Setup

Remembering that each situation is unique, let me start by describing my own setup. I have a tower computer in my office driving three 28" monitors. I also have a laptop computer at home driving a single 34" screen (Figure 1). Opinions vary on which is the most secure operating system (OS). Both of my machines run the Microsoft Windows OS. Some of my friends use Apple computers with macOS®; others prefer Linux OS-based machines. Many believe machines equipped with macOS are inherently more secure, but some dispute this claim. Others informed me that Linux offers your best chance to establish a secure environment, however, they maintain you need some Linux expertise for the proper setup. Though each of the operating systems has its fans and critics, the listed operating systems can form the base of a secure home office environment.

Figure 1: The desk in the pleasure dome (my office) with my three 28” monitors. Observe the myriad boxes of cables and components under the desks. (Source: Author)

Being Held to Ransom

The thought that one of my machines might be affected by ransomware terrifies me. Ransomware is a type of malware. The name “malware” is itself a blend of words for “malicious software.” The most common form of ransomware attack is one in which the perpetrator manages to encrypt all of the data on your system and then threatens to perpetually block access to it unless a ransom is paid.

Should this happen to me, it would be problematic. My setup encrypts each file, so my system would see a change and upload an encrypted version of the ransomware to the cloud. It could then spread to my other system, if it were on at the time. Thus, once a week, I disconnect the computer I’m currently working on from the internet, run a full virus scan, then connect an external USB solid-state drive (SSD), back up my entire Dropbox folder, disconnect (“air gap”) the drive, and reconnect the main computer to the internet. Of course, there’s always the chance that I just backed up a copy of a sneaky, undetected virus to my SSD. But you can only do what you can do.

One point to be careful of–becoming overenthusiastic, thinking “more has to be better,” and installing multiple tools. The problem is that antivirus tools work at a low-level deep in the OS abstraction, interposing themselves between the OS and the rest of the system. Although some of these offerings play well together, other combinations see each other as viruses and start to fight it out between themselves (This usually “ends in tears,” as they say).

Virtual Private Networks (VPNs)

One thing that continues to surprise me is the number of techno-savvy people who fail to use a virtual private network (VPN). Another thing that surprises me: The number of techno-savvy people who do use VPNs and mistakenly assume themselves to be protected. If you are independent, or if your company doesn’t already provide a VPN solution, then a lot of VPN providers are out there to consider.

Here’s the idea: When you access the internet, you typically go through your internet service provider (ISP), which redirects you to where you are trying to go. The problem here is that your ISP can see (and log) everything you do online. Also, your connection to the ISP might itself be less than secure.

In the case of a VPN, the first thing you do is launch the VPN client on your computer. This establishes an encrypted communications link between your computer and the VPN host, which means that all your ISP sees passing before its eyes is encrypted gibberish. Of course, this does mean your VPN provider could potentially monitor (and log) your traffic, which is why they go to great lengths to convince you that they would never do such a thing.

A word of caution: If you are using Wi-Fi in a café or hotel or airport, you are potentially wide open to various attacks in the form of rogue access points, evil twin access points, connection hijacks, man-in-the-middle attacks, and so forth. Even if you are at home or in your office, if you are on Wi-Fi, you are vulnerable to attack, so try to use a wired connection wherever possible.

Conclusion

This brings us to the end of our security primer. To be honest, we’ve really only scratched the surface of home-based cybersecurity here. This is a humongous topic with myriad ramifications. As for this post, I welcome any comments, questions, and suggestions. In the meantime, take good care of yourself and keep safe and “CyberSecure.”



« Back


Clive "Max" Maxfield

Clive "Max" Maxfield is a freelance technical consultant and writer. Max received his BSc in Control Engineering in 1980 from Sheffield Hallam University, England and began his career as a designer of central processing units (CPUs) for mainframe computers. Over the years, Max has designed everything from silicon chips to circuit boards and from brainwave amplifiers to Steampunk Prognostication Engines (don't ask). He has also been at the forefront of Electronic Design Automation (EDA) for more than 35 years.

Well-known throughout the embedded, electronics, semiconductor, and EDA industries, Max has presented papers at numerous technical conferences around the world, including North and South America, Europe, India, China, Korea, and Taiwan. He has given keynote presentations at the PCB West conference in the USA and the FPGA Forum in Norway. He's also been invited to give guest lectures at several universities in the USA, Sheffield Hallam University in the UK, and Oslo University in Norway. In 2001, Max "shared the stage" at a conference in Hawaii with former Speaker of the House, "Newt" Gingrich.

Max is the author and/or co-author of a number of books, including Designus Maximus Unleashed (banned in Alabama), Bebop to the Boolean Boogie (An Unconventional Guide to Electronics), EDA: Where Electronics Begins, FPGAs: Instant Access, and How Computers Do Math.


All Authors

Show More Show More
View Blogs by Date