Always remember that all advanced security measures are useless when you pick weak passwords. Make sure that you have strong passwords for:
Especially watch out for the default SSH passwords on your SBC images! They are useful for initial SSH login, but you need to change them as soon as possible.
ROS itself doesn't have any built-in security. If somebody can connect to ROS master, he can control the whole robotic system. Fortunately, Husarnet makes your network secure - just make sure that you don't add untrusted devices to your Husarnet networks.
Husarnet provides secure network layer for ROS - but you also need to ensure that no one can connect to your nodes and services from unsecured networks. Fortunetely, with
husarnet-firewall, this is really simple.
husarnet-ros package, if you don't already have it:
apt-get install husarnet-ros
And enable the firewall:
That's all! Now all non-Husarnet incoming connections to your system will be denied.