Protecting Your Home Network
Reinforcing your home’s fifth wall of security.
The security measures in place for most home networks often pale in comparison to those enforced by workplaces, but as a location where you and your family spend a great deal of time, your home network must be thoroughly protected as well. To help secure your home network, consider the following advice.
Antivirus & Firewalls
All operating systems—including both PCs and Macs—are vulnerable to malware. Installing antivirus software is an important layer of protection, but it is important to note that no antivirus product will stop all malware. Even paid services like Norton or McAfee are not foolproof or necessarily better than free antivirus software.
Firewalls are another important layer of protection. They sit on the edge of your network and block incoming connections from unauthorized users and software. Some firewalls can also block outgoing traffic, such as a virus on your computer attempting to “call back” to its commander for instructions. Despite common misconceptions, firewalls do not replace antivirus software. Rather, they are complementary and should be enabled on both your router and your computer.
To go one step further in protecting your home network, more advanced security solutions, like an active network monitoring service that can respond to threats in real-time, can reinforce and back up your antivirus software.
Router & Wi-Fi
Take the following precautions to help secure your home network:
- Change any default router credentials. The default username and password of commonly available routers can be easily found online, so a hacker could gain access to your network simply by seeing the username on your Wi-Fi signal.
- Give your network, identified by its SSID (a string of characters), a strong password so only users you know and trust can connect to your network.
- Be alert for spoofed Wi-Fi networks. Before logging on to any Wi-Fi network (public or private), make certain that it is the correct one and not an imposter whose name closely matches that of your own network.
- Turn off Universal Plug and Play (UPnP), a technology designed for convenience. It allows devices and applications to communicate with each other without additional configuration by bypassing security controls. It is a common way for attackers to exploit your network.
- Most Wi-Fi routers allow you to create a “guest” network for your home in addition to your highly secured “main” network. “Guest” networks can be secured with a separate password, allowing you to connect noncritical devices of third-party users. Ask your internet service provider to help you create a “guest” network on a separate subnetwork (VLAN) in order to truly segment the two. Never share your “main” network’s credentials with anyone other than members of your household.
While common cloud-based services (e.g., Dropbox, Google Drive and Box) are convenient and user-friendly, they also present serious security exposures. Avoid uploading personal, financial and other sensitive information to cloud-based services. Although these services might encrypt your files in transit, they are not always encrypted at rest, and the service provider has complete access to them. You should always enable multifactor authentication on any cloud-based file-sharing services to secure your login access.