Working in the corporate world, protection of applications, systems and data is performed by your professional IT staff using a variety of hardware, services and devices. This ensures that the company’s digital assets and information is secured against unauthorized access, malware and ID theft. A variety of network firewalls, virtual private network access methods, web application security devices, virus protection and database security measures manage the integrity of the assets.
What is the average payroll professional to do when it comes to their home computing? Most of us have anti-virus software on our laptops/desktops, but what protection do we have against malware, phishing attacks or unauthorized access? How secure is your home wi-fi set-up? Is your smartphone or tablet vulnerable? You don’t have to worry about these things at work, so let’s look at your home wi-fi from a security standpoint, review a checklist of best practices, and explore some new options in the effort to secure your computing.
Wi-Fi utilization has grown exponentially in the home. Beyond any desktop or laptop computers, think of all the devices that now access your wi-fi services - how many do you have?
- Smart TVs
- Video game consoles
- Cable/satellite boxes
- Network-attached storage devices
- Smart thermostats
- IP/Security Cameras
- A variety of devices that now fit into what is referred to as 'The Internet of Things.'
The common thread for all these devices; they may use data that is private in nature and could be a target for attacks.
You can configure your router to reduce your exposure. Best practices say you should:
- Make sure that your access point is using encryption. Common encryption standards are labeled WEP and WPA; at a minimum you should use WPA. Newer routers support the even more secure WPA2 standard. Use a strong shared WPA Encryption key, with a minimum of 12 digits, using upper case and lower case letters, numbers and symbols.
- Set a password to access your router. This sounds basic, but many people plug in their router to do the install and do not change the factory default ID and password (example: admin/admin). Your router can then be controlled by anyone within its range, with a couple of access attempts. Again, the password should be a strong password, use the same standards as described in item 1.
- Change the SSID (Service Set Identifier) from the default setting to something that is different and unique. If your ID is Linksys, Dlink, Netgear, etc. you are broadcasting the type of device to any one in range. Set up a unique name, not an identifying name like SmithFamily. As an example, you could use a random string of letters and numbers like 936TWP. It is unique, but does not identify you publicly or reveal where this device is located.
- Use MAC address filters. Every device with wi-fi access has a unique code called a MAC address; using MAC filtering registers the address and only allows known MAC addresses to connect to the network. MAC filtering should not be used without WPA2 encryption also being in place.
- Disable remote login. For most cases, you rarely will need to update your internal router settings remotely. Remote login makes it easier to access your internal router settings especially if you have weak usernames/passwords (like admin) on your router.
- Disable wireless administration of your router. Again, this closes a way that an intruder could access your router. It is best to make router changes via a hard wired connection, like a LAN cable connected to your computer.
- Update your router’s firmware. Manufacturers issue patches for bug fixes, new features, and added security on a regular basis, so be sure to keep your equipment up to date.
- Check regularly for upgrades. Many manufacturers allow you to register and receive release notices via email, or you can log into your router and use the 'Check for Updates' feature. </lin</ol>In a new approach for the home market, networking hardware companies are releasing security appliances that protect wi-fi connections and routers by scanning the network traffic and blocking security threats. These devices combine the functions of a router, intrusion preventer and network firewall, and can be placed ahead of or in back of your existing router. Their advantage is the ability block malicious traffic at the network level, stopping attempts to control a system if it was infected by malware or a virus, and also limits the ability to extract data from this infected system. Data packets that come in and out are assessed for known malicious patterns. Examples of available devices include Bitdefender BOX, ZyXEL ZyWall, Sonicwall TZ Series Firewall, and WatchGuard Firebox.Home oriented devices are designed to be used without requiring major technical expertise. Most are plug and play in nature. As we discovered in this article, your home system has huge importance in keeping all the devices you depend on securely accessing your wi-fi. Develop your plan to regularly keep it configured correctly, updated and protected.