Active cybersecurity extends way beyond the companies we deal with, and right into our own homes. Take a moment right now and count: How many devices are connected to your home network? Include anything from phones, tablets, and computers, to smart hubs, thermostats, and appliances. How many other people have your network credentials when they come visit? For our home, the number is staggering.
At any given time I may have up to 7 devices connected, and up to 8 more when friends and family come visit. To put it into more of a security point of view, that’s up to 15 different attack points on my home network. 16 if you include the router too. That’s a lot of security to have to think about. At-home cybersecurity is a necessary part of having a home network. While we won’t be talking about security on individual devices, we will be discussing how to lock down your network, and keep it as safe and secure as possible.
Wireless Router Security
Chances are, if you have a home network, it is wireless. I mean, come on, it’s the most convenient thing ever to not need to be wired into a network anymore. Nobody likes that. But a lot of people make mistakes with their wireless networks at home that make them easy targets for cybercriminals. This usually starts with the password. Most wireless routers and modems come with a preset password. At first glance, these seem like strong enough passwords. They are the right combination of letters numbers and characters, and are the perfect length.
However, these passwords are easy to get your hands on. Cybercriminals often maintain a “word list” of common router default passwords and it’s not hard to find. So the single most important thing you can do to begin securing your home network is to change this password. Remember the proper password protocols when selecting yours.
- Do NOT use words like “password” and number sequences like “123456”. Come on, you’re better than that.
- Try to avoid using dates like your birthday or anniversary in passwords.
- Do NOT use credit card numbers or bank account numbers (DUH)
- DO make your passwords at least 8 characters or longer. The longer the password, the harder it is to guess.
- DO use a combination of numbers, letters, and special characters (when allowed).
- Do NOT use one single word. Attackers can have dictionary lists that will use that word at some point.
In the past, I have taken to using a random string generator to produce my network passwords. Why? Because it’s not something I’m easily going to remember or be able to tell anyone by mistake and B) It’s guaranteed to be the length and makeup that I specify. I keep my passwords in a safe place not on my computer for reference if I need them.
Parallel to this choosing the right kind of security encryption key for your wireless router. You’ll notice when you go to input a security key when signing in that there is usually a drop-down list of different types of encryption like the picture to the left. The strongest encryption that comes with most home based network routers is WPA2. Sometimes this is listed as WPA2/Personal or WPA2- Personal with AES. This is what you want to use.
Older methods of encryption like WEP are the least secure and in most cases obsolete now. They can be easily broken with the right software by someone with bad intentions. So choose the right kind of encryption and a strong password key that matches it for the best way to secure your wireless router.
SSID: To Broadcast or Not to Broadcast
SSID stands for Service Set Identifier, and this is the name of your network. This is what appears on a list of available networks. You know, the ones people think are funny to name “FBI Surveillance Van” and “Get Your Own Wifi”? By the way, those are neither funny nor clever. So pick something different. Here’s the thing about SSID. It is supposed to be used to uniquely identify your network. If you leave it at the default, then chances are you’re going to leave the password the same too, thus making you an easy target. It is also a good tempting target for people who go war driving through neighborhoods.
If you think you have neighbors who may be trying to jack your WiFi to watch unmentionable content, you also have the option to hide the broadcast of your SSID. This means that to connect to your network, both the SSID and your password key will have to be entered. For people just perusing for free WiFi and those on a simple war drive, these networks will just be passed up. However, it should be mentioned that some software can discover the network is there, but it still takes the same guessing of both network name and password to access.
Get Behind a Firewall
Firewalls can be software or hardware based. The difference between the two is that a hardware firewall adds an additional layer of security against wireless attacks. Devices, especially desktop and laptop PCs are some of the easiest targets on a home network, or on any connection to the web really. Software firewalls are built into most major operating systems including Windows and Mac OS. Getting to know how to use firewall settings can be a big advantage to protecting your network. With firewall software you can configure apps to allow incoming and outgoing connections, or to deny these connections.
A hardware based firewall goes a bit further in that it protects all the devices connected to your network. It can also be a little easier to maintain and manage a hardware firewall than separate firewalls on separate devices. On a home network, these can be easily setup in less time than it takes to heat up your oven for dinner. Pricing for hardware firewalls can vary, and you’re often going to get what you pay for. But what really is the price for security and privacy?
These are all just a few basic steps you can take to ensure the security of your home network. Since the advent of wireless internet, and the quick spread and explosive growth of technology, it has never been more important to take your security seriously. You don’t want to end up a part of a botnet, or with your home network invaded and ransacked. These few key tips put you well on your way to smarter, safer, and more secure home network management.