How to Secure Your Home Network
Network security is not just about securing the work environment but it is also about security at home. Cybersecurity doesn’t stop when you leave the office. In a world where we are constantly connected, cybersecurity has never been more important, even for your home. Today, I will be going over why you should care about protecting your home network just as much as businesses care about securing their environments. Just like a business, an individual can suffer major losses from a cyber attack. Your credit could potentially be ruined, your identity stolen, and you could even be black-mailed or embarrassed from private conversations being made public which could potentially ruin your reputation and result in a job loss. These are just a few reasons why you should care to protect your home network which in themselves are major.
Securing your home network is not as complicated as one would think and involves a few simple steps:
- Change the default name of your home Wi-Fi
Most routers that we receive from the different service providers (Verizon, Comcast..etc) come already set up with a default network name also known as a Service Set Identifier (SSID). A default SSID can make it easier for a potential attacker to find the default password which is why this is the first step in securing your home network. The default SSID can provide information like the type of router which can be used. When changing the SSID, change it to something you can remember but be sure to not include any identifiable information such as adding your address, date of birth or other personal information. And for those who really want to be on top with their security, it is recommended to change the SSID periodically, at least every three months or even twice in a year.
- Change the default administrative credentials
Along with changing the default SSID, it’s also important to change the default administrative (admin) credentials. Typically the admin credentials are provided either via a booklet or a sticker on the side of the router. The admin account to the router allows a homeowner to be in charge on the entire network and if a hacker was to gain access they could easily and successfully lock you out of your router and hijack the network. If an attacker was to gain access to the admin account, they would have the ability to monitor your traffic, redirect you to malicious sites or even use your router as part of a botnet army. A botnet is a network device that is under the control of an attacker to commit a cyber crime and is typically related to a denial of service type of attack. Just to add to my argument in regards to default account credentials, a simple google search yielded the following results which information directly from the verizon website:
Similar to step 1, it is recommended to change the admin credentials also on a periodic basis. A password management tool used here at Anthony Timbers LLC is LastPass. Lastpass is a secure password management tool that is used to store passwords securely as well as notes. With all the passwords we have to remember on a constant basis, LastPass is a great tool to have that can be used both personally and for businesses. With LastPass all you have to remember is one password and the rest is handled automatically.
- Make your wireless network password unique and strong
I’m sure by now you are noticing the trend, anything that is provided to you as a default should be changed. The next thing that should be changed is the network wireless password. As previously mentioned, a default password can easily be found by a hacker. When selecting a password, be sure to make it at least 20 characters long and be sure to use lowercase, uppercase, numbers, and special characters within it., The longer and more complex the password, the harder it is to crack. And now that you know about LastPass, this can be used to manage the wireless password securely.
- Enable network encryption
Again another default setting is that the encryption on routers are often turned off or comes pre-configured with WEP as the default. Either way, both options are not ideal and you should ensure that WPA2 is turned on. WPA2 is the current encryption standard that provides the highest level of network security. To ensure that WPA2 is set up correctly, you can login in to the admin console as per your internet provider’s instructions on how to access it. Hopefully by this step, you’re familiar with the admin console and have already changed the default password.
- Turn off network name broadcasting
Once all the default settings have been changed and by the way what we are walking through right now is considered hardening. Hardening is the process of securing a system by reducing its surface of vulnerability. By disabling the network name, remember the network name is the SSID mentioned in step 1, this makes it that your network name is not visible to the public. In order to access your network, somebody would have to know your network name and input that information along with the password in order to gain access. Again this is the benefit of changing the default SSID. You’ve just made the hacker’s job that much harder and your network more secure. Turning off the network name broadcasting also protects from war driving. War driving is a type of cyber attack where an attacker drives around looking for wireless access points to possibly exploit.
- Keep your router’s software up to date
This is the golden rule when it comes to IT, ensuring that you are always running the latest software of your devices. Why do updates exist? Well they are typically addressing security issues or a performance improvement roll out. Although this is included as a step, most internet service providers handle firmware updates and are completed automatically with no user input required. However just to be safe, be sure to confirm that this is the case with your device with your internet service provider.
- Use VPNs to access your network
Having a virtual private network (VPN) connection is no doubt the last step in ensuring your internet communication is handled securely. If there is one thing to note, is that when it comes to cyber security, the more secure you are the more inconvenient it is for the user. I can comfortably say that this step is not absolutely necessary compared to the previous 6 steps however is still important. Setting up your VPN may sound intimidating but it is actually quite simple. Having a home VPN would not only allow you secure access at home but also secure access when on public Wi-Fi. Luckily with VPNs you have the option to set it up yourself or pay for a third-party service, this depends on the bandwidth available to you from your internet service provider.
As you can see, cyber security should extend outside of the office and into your home especially with more people working from home due to COVID-19. We constantly face risk and must ensure to remain aware of ways to better protect ourselves. Hopefully you found this how-to helpful and be sure to be on the lookout for more how-to posts.