I want to share a conversation I recently had with a friend, whom I will refer to as JT for the purposes of this column.

He works in the financial services industry, and his spouse is in the hospitality sector. As a couple they have three children, one in middle school and two who attend different high schools. As a unit, we could say they are middle- to high-income earners, and the family enjoys the benefit of being able to afford some of the components that make up a smart home.

The devices include smart TVs; voice command and control systems (Alexa, Google Home); a smart refrigerator; plugs, lights; multiple mobile devices; and video surveillance managed by a third-party provider. All systems are connected to a single home network configured by an Internet service provider (ISP) technician a couple of years before the family first moved into their new home. By now you would have probably figured out the challenge that JT faces today. He has, for the first time, found himself working from home for an undetermined period. To ensure that he could continue to perform work duties, he was assigned a company device with all the expected corporate security features to connect to office resources. JT's spouse is also working from home but using a personal device; the children also use personal devices to connect to respective school portals. Being aware of the sensitive nature of work-related information he now has access to on a home network, JT had some concerns about his home network's security. So, he called for my thoughts.

JT : Do you think my home network is secure?

Me: Well, that depends on a few things. Your Internet service was configured by the ISP technician more than two years ago, have you changed the default passwords? Have you changed the default name for your Wi-Fi and, if so, is it a word or phrase that will quickly identify the owner? Is your Wi-Fi network-hidden, or is it still publicly visible? Has your router or equipment from the ISP been upgraded? Do you have an updated firewall to protect your devices?

JT : I don't think we have changed our router since we first got it; I didn't know that was necessary. But I have updated passwords, and I just told my son to double-check if our Wi-Fi is hidden or not.

Me: That's not bad so far but let's dig a bit deeper. You have three kids at home so, at a minimum, I'm counting three devices per person. That's 15 devices plus or minus all your other smart electronics in the house. Now JT, do you know for sure how many devices are connected to your network at any given time? Do you know what all those devices are being used for and by whom? Does your neighbour, or friends, or family who visit your house know your Wi-Fi password? How about you? What types of sites are you visiting at home? And before you go there, I mean legitimate sites, ones that can potentially be cloned or manipulated to trick you into thinking you are still accessing a safe website. While we're at it, do we even know if your home network hasn't already been compromised and if a third party already has access to your network via remote surveillance techniques?

JT : Ok! Ok! Ok! You can stop now! I get it. My home network is probably hostile and can put my work device and network and systems at risk of compromise. You've made your point! Now please tell me how I can fix it.

Me: Now, while I can't promise you that you can eliminate the risks, there are a few things you could consider to minimise the exposure.

Ensure that your company devices have an effective anti-malware solution and that it has all the latest patches installed. Ensure protection of the various end points on your network such as laptops, smartphones, tablet computers and other end-user devices, and that there is an effective firewall. Be sure that you are not using a privileged account to access your device if you suspect that you are already, or do become, compromised. Use a strong password and two-factor authentication where possible.

You should change the defaults on your ISP-supplied equipment at home and ensure that it has the latest firmware. If the manufacturer no longer supports the device, ask your ISP for an updated device. Configure the firewall feature on your device if available; otherwise, consider getting a small firewall device.

Segment your network: separate your Internet of Things (IoT) devices, mobile devices, game consoles, smartwatches etc, create a guest network and, most importantly, create a segment for your sensitive work. You may need the help of a qualified network technician so ask the network administrator at your office for assistance or to recommend someone. Talk to your family about safe Internet usage; this could go a far way in limiting your exposure.

Now you may not see yourself as a JT but onetheless, you may know a JT. There may be many JTs in your organisation who today are unknowingly leaving very sensitive company data exposed to third parties with malicious intent. Whether you are the CEO, head of IT or the newest member of the business development team, be sure to protect your organisation and home networks against malicious intruders who troll the Internet looking for openings to exploit.

The writer, Andrew Nooks, is with Symptai Consulting, a member company of the Jamaica Computer Society.