Today, with all the craziness that is going on in the world, there is an ever increasing need and preference for employees to work from home. Although there are many perks to working from home, there is one overlooked fact most people forget. And that is…Network Security. And with that, we bring you some tips on securing your home network.
Securing your home network is already important and should be done regardless, however, it is even more important when you are working from home. As an employee, you will be dealing with various kinds of sensitive and non-sensitive data, so it is important not to overlook your Home Network Security.
Let us look at a few steps that you can do and implement to help make your Home network and Wi-Fi more secure:
Securing your router
Most people may not know this; however, your Internet router is probably one of the most important pieces of equipment in your Home Network. It is the since gateway between your devices and the public internet . This means your router is prone to security exploits that cyber-criminals can use to infiltrate your systems and devices, so it’s imperative to lock down access to your router and keep it up to date.
One of the ways to do this, and often the most overlooked, is to change the default login credentials your router comes with. The default credentials are usually something like “admin/admin” or “admin/password.” A quick Google search can reveal your router’s default login credentials making it relatively easy for would-be attackers to gain access to your router. To prevent this, your router password should be unique and strong. Try to include letters, numbers and symbols, and refrain from easily cracked passwords like “P@ssw0rd” or “Qwerty”
Another step in securing you router is to make sure your router Firmware is up to date. A router’s firmware is like any other software, they sometimes contain security flaws and vulnerabilities. These are usually fixed by the Manufacturer’s firmware patches so it is important to make sure you install the latest software and security hot-fixes available to further safeguard your router from intrusions. Some newer router models have an auto-update feature, so make sure that you enable this. However, I’d still recommend checking the firmware version on a scheduled basis to ensure that auto updates are occurring.
Securing your WiFi
Next step in securing your Home network is to secure your Wi-Fi. If a cybercriminal can sign into your Wi-Fi they are able to see and potentially access any devices you have connected to your network. A few ways to make your Wi-Fi more secure is to:
Change the default SSID of your Wi-Fi
The SSID (Service Set Identifier) is simply the name of your Wi-Fi. Changing this from the default name is always a good idea. Not only does it differentiate your Wi-Fi from your neighbors it also can stop potential attacks. For some routers, the SSID can identify the type of router, e.g. “NETGEAR”, which can give attackers information they can use to break in. Some of this information includes, detailed attacks that work against the router and finding the default credentials to access the settings of the router.
You may also consider hiding the SSID altogether. This setting tells the router not to broadcast the SSID name. This still allows your devices to connect, but you will be required to manually type in the SSID name.
Make your Wi-Fi password unique and strong
Your Wi-Fi password is important for various reasons but most importantly to keep would-be attackers out of your network. Best practice is to make sure your Wi-Fi password not easy to guess or crack by attackers. Try to make your password at least 10 characters long and include numbers, letters, and various symbols. This setting change will make it difficult for attackers to access your network. Also, make sure that the SSID encryption algorithm is set to PSK/WPA2 or better.
Create a Guest network
Having a guest Wi-Fi Network for friends and families to sign onto when they visit is another good way in securing your Home Network. Creating a Guest Wi-Fi gives your guest limited access and prevents them from spreading the password to your primary network. Your guest will be able to surf the web, stream, and check email, however, since they are on a secondary network they will not have access to your primary network, keeping your files, data, and personal information safe. Having a Guest Network also protects your primary network from Malware and other network threats that spread from devices. If one of your guests should bring an infected device, your primary network will be safe from this device. Guest networks can be set up through your router’s web interface by enabling the “Guest Wi-Fi” feature, which is normally off by default.
Disabling remote management on our router
Your router runs a web server which allows you to access its web interface through a browser when you are connected to the router’s network. The router’s web interface is where you can access and change the security and access settings of the router. However, there are routers which allow you to enable a “remote management” feature which allows you to access this web interface from anywhere in the world. If potential attackers are able to exploit this, they will be able to access and change your router’s settings remotely from wherever they are. Normally this setting is, by default, turned off but it is always a good idea to make sure it really is turned off. You can check for this setting in your router’s web interface and looking for “Remote Management,” “Remote Access,” or “Remote Administration” features and make sure that it is indeed turned off.
Enabling your router’s firewall feature
A firewall is a great defense against potential hackers and most routers are equipped with a built-in firewall. However, many of unaware of this fact and the firewall remains disabled. Firewalls can help thwart internet and port based attacks from attackers outside and prevents infected devices from attacking other devices on the network. To check if your router has a built-in firewall, log in to your router’s web interface and look settings labeled “Firewall” or “Security.” If you see this then it is a good indication your router is equipped with a firewall. Make sure to enable the firewall settings if you can, to add extra layer of security to your home network. Some settings to look for are ‘block DDOS attacks’ and ‘block WAN ICMP’.
Keep the devices on your network up to date and secure
Keeping the devices, you use on your network up to date and secured is another great way to secure your Home Network. Devices, such as cellphones, laptops and tablets are all prone to software security exploits. Cyber criminals use these exploits to gain access to the devices and once access is gained, potential attacker can access the Network as a whole.
One way to make sure your devices are not exploited is to keep the software that is running on them up to date. Manufacturer and software companies such as Microsoft and Apple, regularly release security and software updates to patch and fix any security flaws and exploits. It is good practice to make sure these updates and patches are installed so you are not a risk.
Another important step in securing your home network is to make sure you have proper and up to date Anti-Virus and Malware protection. Anti-Virus and Malware protections help to identify and eliminate malware and viruses from an infected device. It is best to have these programs running with daily proactive scans so any new infections can be found and taken care of quickly. Also setting these Antivirus/Malware programs to scan for automatic updates is a good way of keeping these programs up to date automatically.
Following these steps can ensure your network and devices are safe and protected. For more information on securing your home network visit: https://us-cert.cisa.gov/ncas/tips/ST15-002
Should you have any questions on how to secure your home network, your employees home networks or a network for your office, please feel free to contact us.