Hopefully I am posting in the correct area. I couldn’t think of a better one to put it in.
Situation: I have been asked to take over all things technology related with my family’s new place. This would include things such as:
accounts (nothing financial, but things like Apple ID’s, emails, etc.). Certain members in the family have signed up for a lot of promotional stuff, and gave their information to businesses.
Security Cameras (possibly one camera to be connected to the internet so they can view it away from home)
Smart home devices
A new wifi network which can be accessed throughout the house
General security concerns (certain members are not very security minded)
-Backups of photos and such (probably not a NAS, because we won’t need to access photos except on rare occasions)
Question: How would you handle these situations and create an ecosystem to keep your family safe? What gear would you use? What security measures would you put in place? Any cool ideas?
accounts - Set them up with 2factor/Lastpass or alternative and let them control it. Keep personal accounts to the person (trust me, they’ll still screw it up and blame you either way).
Security Cameras - Perhaps the ubiquiti g3 as that comes with a nice mobile app to view remotely. You would also need to invest in a poe switch and/or injector.
Smart home devices - aside from having these on a separate wifi network/vlan you just need to hope its fine…
New wifi network - If wanting complete coverage, Google mesh, AmpLiFi(Ubiquiti), Netgear Orbi.
General security - Sync to google drive or other cloud device. Point sync folder to documents/pictures in windows. Plex cloud also uses google drive and can be viewed on most devices with app support.
tldr - manage your family expectations as you will not be 100% secure all the time, but you can take a few easy steps to mitigate possible future damage on your home network.
The AmpliFi is just a consumer friendly brand that Ubiquiti built. https://amplifi.com/ Much like Linksys was to Cisco.
It doesn’t have all the features their edgerouters. The access interface is via a phone app(downside), but it is dead simple to setup, and generally secure with auto-updates as a feature.
for the IOT devices i would suggest making sure your router that sits between your modem and home network can setup one way internet connections so it can speak out but not receive for things like security cams. Or at a minimum make sure that you can limit what ports it can use. there is always as ASUS calles it putting devices on DMZ that you want to talk out to the web and only the web.
LastPass or some other alternative. All are technically insecure (anything over the WAN can be hacked), but easiest for you to setup, and NOT manage. Something more secure would be Keepass.
DON’T MAKE THEM AVAILABLE OVER THE INTERNET. Have you never seen this subreddit??? Also, a couple of analog security cameras (BNC jacked) will probably be good enough. Most can do 1080P for quite little money.
NO. None of this crap
A couple of Ubiquiti AP’s is probably good enough, but if you got the money, go for Meraki or Aruba stuff if you want top of the line.
If you were really security conscious, you wouldn’t use JUST the cloud. Instead, you’d setup a home NAS with some sort of RAID (raid 1, raid 6, etc), along with some long-term file storage (LTO, Archival BluRay, etc), use software to auto-backup the devices (Sweet Home, Super Backup, SyncMe, etc )and encrypt all of your data before sending it to the cloud for off-site backup.
