
H4. Secure your environment

From OWASP


Description: Setting up your environment to enable security and maximize protections helps to defeat currently known attacks and to thwart future, unknown attacks. Configure your systems and devices to enhance the security features in the software or operating system.

Threats: Using unsafe configurations for devices and systems can make it easier for hackers to access or control your systems.

Impact: Compromise of your systems, allowing attackers access to your network, systems, and data. Disclosure of personal and private data. Loss of access to systems and data. Alteration of important or sensitive data.

Recommendations:

Consumers should focus on:

1. Change all default passwords
2. Disable guest accounts 
3. Set your devices to ask before connecting to WiFi networks and remove networks no longer being used

Tech-savvy users should also:

1. Configure your home devices (WiFi access points, routers, TVs, etc.) to be secure (e.g., change default passwords, update firmware, rename routers and SSIDs, turn off UPnP)
2. Configure your system to only use whitelisted applications
3. Don’t use administrator or system accounts for routine tasks/work

Example: Not changing the default username and password on a device, such as your home router or WiFi access point, could allow an attacker to log into the system as the administrator and make any changes they want, including sniffing and logging your traffic and capturing passwords or financial information.