Working from Home? 5 Steps to Secure Your Home Network

Written by

Ellie Owen

Published on

30 Oct 2020


With a large amount of confidential and/or proprietary information residing on and flowing through a corporation’s network, organizations put a lot of effort into ensuring that information stays confidential and remains accessible. For example, they may utilize some form of Network Access Control (which only allows authorized devices to connect to the network), perform vulnerability scanning in-house, or have an external cybersecurity company such as SureCloud perform security testing on the corporation’s assets – this can be in the form of penetration testing. For overall coverage of cyber risks and compliance management, many businesses opt for an IT GRC software package, which combines all the tools and controls you need to maintain your security posture.

 

Efforts to ensure that all networks and devices are secure, and that information can only be accessed by those authorized to access it, are essential. All of the measures above are sensible, recommended best practices.

What can businesses do to stay secure during the WFH climate? 

With working from home now the ‘new normal,’ that same corporation now has a distributed network that extends all the way to its employees’ home networks. These are networks that the corporation has little control over and that may be completely insecure.

 

While corporations cannot take control of these home networks (short of supplying employees with corporate hotspots anyway), they can advise their staff on the best steps to take to improve their home network security.

Some remote workers may have very secure home networks, where the owner has invested their time and money to provide that assurance. However, this kind of home network is in the minority. Instead, we aim these five tips at the majority, who likely have a major-brand ISP-supplied wireless router with the default settings.


Top five tips for improving your home network security

1. Ensure that your wireless network uses the most secure encryption type supported by your router.

 

This encryption makes your communications with the router unreadable to anyone sniffing the packets from the air. Some of the encryption types available have been around since the early days of wireless networks and are now easily broken. Routers may call the encryption they support by different names; the following table lists safe and weak home wireless encryption protocols:

 

Safe: WPA3 or WPA2. May be labelled something like WPA2-PSK (AES) or WPA3 (AES).

Weak: No encryption, WEP, WPA, WPA1, WPA2 with TKIP, and WPA/WPA2 or Mixed Mode.

 

If there are no good encryption protocols to choose from, then be mindful that even weak encryption is better than no encryption. If this is the case, it is probably time to update your wireless router.
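Because routers label the same settings differently, the table above can be applied mechanically. The following is an added example, not part of the original post: it sorts router security-mode labels into safe and weak using the table's rules, and the sample labels are constructed for illustration.

```python
import re

# Protocol and cipher names as routers print them. Longer names come first
# so that "WPA2" is not read as "WPA" followed by a stray "2".
PROTOCOLS = re.compile(r"WPA3|WPA2|WPA1|WPA|WEP", re.IGNORECASE)
CIPHERS = re.compile(r"TKIP|AES|CCMP", re.IGNORECASE)
WEAK_PROTOCOLS = {"WEP", "WPA", "WPA1"}


def classify(label):
    """Return ("safe" or "weak", reason) for a router security-mode label."""
    protocols = {p.upper() for p in PROTOCOLS.findall(label)}
    ciphers = {c.upper() for c in CIPHERS.findall(label)}
    if not protocols:
        # "None", "Open", or a bare "Mixed Mode" with no protocol named.
        return "weak", "no safe protocol named"
    accepted_weak = sorted(protocols & WEAK_PROTOCOLS)
    if accepted_weak:
        # Mixed modes such as WPA/WPA2 still accept the older protocol.
        return "weak", "accepts " + "/".join(accepted_weak)
    if "TKIP" in ciphers:
        return "weak", "TKIP cipher enabled"
    return "safe", "/".join(sorted(protocols)) + " only"


def weak_settings(labels):
    """Map each weak label to the reason it is weak."""
    results = {label: classify(label) for label in labels}
    return {label: why for label, (verdict, why) in results.items()
            if verdict == "weak"}


# Constructed examples of how different routers might label the same settings.
SAMPLE_LABELS = [
    "WPA2-PSK (AES)", "WPA3 (AES)", "WPA2 with TKIP",
    "WPA/WPA2-PSK (TKIP/AES)", "WEP", "Mixed Mode", "None",
]

if __name__ == "__main__":
    for label, why in weak_settings(SAMPLE_LABELS).items():
        print(f"{label}: {why}")
```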

 

2. Secure your passwords.

Make sure that the password to your wireless network (sometimes called a Pre-Shared Key or PSK) is secure.

 

If an attacker can guess or brute-force the password to your wireless network by trying thousands of guesses in an automated attempt to find the correct password, then they can join it. Once joined, the attacker could search it for vulnerable devices and view the traffic from other devices on the network (excluding wireless networks using WPA3).

When choosing a password, it is good practice not to use dictionary-based words or mutations of dictionary words (e.g. SureCloud > 5ur3Cl0ud). Use as many special characters (i.e. not numerical or alpha) as possible and make the password at least 12 characters long.
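The guidance above can be turned into a quick check of a candidate wireless password. This is an added example, not part of the original post: the word list and substitution map are small constructed samples, and requiring at least one special character is an assumption, since the text gives no minimum.

```python
import re

# Character swaps commonly used to disguise a dictionary word.
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                               "5": "s", "7": "t", "@": "a", "$": "s",
                               "!": "i"})

# Constructed mini word list; a real check would load a full dictionary file.
WORDS = {"sure", "cloud", "surecloud", "password", "router",
         "home", "network", "admin", "default"}
MIN_LENGTH = 12  # minimum length recommended in the text


def hidden_words(password, words=WORDS):
    """Return dictionary words found after undoing common substitutions."""
    normalised = password.lower().translate(SUBSTITUTIONS)
    letters = re.sub(r"[^a-z]", "", normalised)  # drop separators and digits
    return sorted(w for w in words if w in letters)


def check_psk(password):
    """Return a list of problems; an empty list means all checks passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"only {len(password)} characters, need {MIN_LENGTH}+")
    # Assumption: at least one special character is required; the text
    # only says to use as many as possible.
    if all(c.isalnum() for c in password):
        problems.append("no special characters")
    found = hidden_words(password)
    if found:
        problems.append("built on dictionary words: " + ", ".join(found))
    return problems


if __name__ == "__main__":
    # Constructed candidates: the mutation from the text and a random string.
    for candidate in ("5ur3Cl0ud", "x#9Lq!v2@Tz&7mW"):
        print(candidate, "->", check_psk(candidate) or "ok")
```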

 

Another element of keeping the password secure is knowing who has access to it and, therefore, your network. If you don’t know who exactly is connecting to your network, it’s probably time to change the password to something new.


3. Change the router’s default Administrator password.

The Administrator password allows a network user to access the router’s settings and change them. This tip only applies if the password is already something easily guessable, such as the name of the ISP, the name of the manufacturer of the device, ‘default’, or ‘admin’. Some modern routers use more complex default passwords, which do not need to be changed as they are not easily guessable.

4. Make sure the firmware of your router is up to date.

Many ISP routers now do this automatically by downloading the firmware, installing it and rebooting the router in the dead of night. But not all routers will do this. You should be able to access the upgrade options by logging into the router with the Administrator password and looking for the upgrade, update, or firmware option. Consult the manufacturer or distributor of your router for instructions on how best to do this.

5. Try to make other devices on your home network as secure as your router.

This means installing updates on your computers as they come in, changing default passwords on any smart devices, ensuring that anti-virus software is running on all computers, and being cautious about what is downloaded and installed.

 

The FBI has recommended that Internet of Things (IoT) devices such as security cameras and smart devices are not kept on the same network as more sensitive devices such as personal and work computers. While this is sensible advice, it’s not feasible to expect the average home worker (not a network security expert) with standard consumer networking equipment to be able to do that.

 

To summarize

Ultimately, for organizations, it comes down to what lies in their sphere of influence. They have limited influence over a user’s home network and its security, but they can offer guidance to employees that will hopefully be listened to.

 

What businesses can directly control is their own equipment and procedures. Therefore, I would recommend assuming that an employee’s home network is fully untrusted and full of malicious actors while ensuring that the corporate equipment can operate securely in such an environment. To test the cybersecurity of your business network, you can embark on cybersecurity resilience testing. Alternatively, take a look at the benefits of IT GRC software.