If you work from home or any off-campus location, you are probably working wirelessly. While it’s very convenient, working wirelessly puts you and the Pack at risk because you are sending and receiving data over radio signals traveling up to several hundred feet.
By taking a few proactive measures to secure your router, you can fend off a multitude of cybercriminals vying for your sensitive information.
What network devices do you have?
In simple terms, the internet is sent to your home from an internet service provider (ISP) such as Spectrum, AT&T or Google Fiber and connects to a network device — typically a router.
Many routers include a built-in access point (AP) while others rely on a separate device; the AP provides wireless internet access to your personal or work laptop, smartphone, tablet, and Internet of Things (IoT).
If you have a smart refrigerator or any other IoT device in your home, you need to scrutinize their security features. In many cases, they are connected directly to the internet.
What proactive steps can you take right now?
- If you use an ISP router, see How to secure your router and home network for reasons why using it can be a bad idea.
- Follow the user guide provided by your device’s manufacturer for detailed secure configurations. If you don’t have a user guide, you can find one online at the manufacturer’s website. Make and model numbers are found on the back or bottom of each home network device.
- Change all default settings. Changing the router’s default settings is a must. If any of your network devices still have their default settings (e.g., wireless network name, aka SSID; passwords), change them now. Make sure your password is a long, strong passphrase that you do not use anywhere else!
- Disable remote access, Universal Plug-n-Play (UPnP) and Wi-Fi Protected Setup (WPS). While some of this advice may seem counterintuitive, disabling these settings makes the devices more secure. For example, while the WPS setting may have been helpful at one time, it’s now a vulnerability.
- Enable Wi-Fi Protected Access 2 (WPA2) or WPA3 for wireless security. Wired Equivalent Privacy (WEP) and WPA are obsolete and much less secure.
- Update all firmware and software regularly. Some routers implement these updates automatically. Consult the manufacturer’s website or user guide for details.
Warning: Tinkering with routers using open-source code can be extremely risky.
- Turn on HTTPS access to the router interface if available. This setting protects your password by preventing it from being transmitted without encryption.
- Set up a firewall.
Some of the more advanced precautions you can take:
- Use MAC address filtering to keep “rogue” devices off your Wi-Fi network. This becomes more challenging if you have several devices; however, the initial effort is worth the protection it affords you.
- Use network segmentation to isolate risky devices. This can be as easy as setting up a Guest network for IoT devices, visitors and streaming.
Warning: It is important that you “segment” IoT devices into a separate network away from the data you need to protect.
See these helpful resources:
Remember, the manufacturer of your personal network device is your best source of help should you need further assistance.
For additional information, see: