Every day is a computer security day, but November 30th is officially Computer Security Day, intended to raise awareness of online security issues and to promote cybersecurity best practices.
Days like these are a handy nudge to do a few extra security checks. With that in mind, here are some tips from the Sophos support team on how to secure your Wi-Fi network at home.
Many people think that “no hacker would be interested in my home network.”
But everyone has something that’s valuable to attackers: personal information, bank details, financial data, perhaps even a webcam that could let criminals know when you aren’t at home, or that might let creeps spy on you when you are.
And if you’re working from home, it’s worth remembering that for a skilled attacker it’s just a hop, skip and jump across the network from your personal computer or connected device to your work laptop, and possibly from there to the whole company network.
For a detailed explanation of Wi-Fi, check out our Wi-Fi Fundamentals article on the Sophos Community site.
Tip 1. Apply those updates
“Patch early, patch often” is a regular mantra on Naked Security, and it applies to all access points, modems and routers you use for your home network, as well as all the devices that can connect to it.
Take a moment to check when your firmware was last updated. If it’s not up to date, patch without delay.
Set your devices to automatically install updates where possible. If you discover that you are unable to update (for instance, if the manufacturer is no longer providing support), consider migrating to a device that is properly supported.
Tip 2. Check your encryption settings
We recommend using at least WPA2-PSK (AES) encryption, also known as WPA2-CCMP. (PSK stands for Pre-Shared Key, which is the password you need to connect to the network in the first place.)
WPA2 was first ratified by the Wi-Fi Alliance in 2004. If the router you’re using doesn’t support WPA2, upgrade to a newer model that does.
Never use WEP, short for Wired Equivalent Privacy, because the encryption system it uses was cracked completely many years ago – it gives nothing but a false sense of security.
LEARN MORE ABOUT WEP AND WHY TO AVOID IT
Here’s a video we made more than seven years ago explaining why you should choose decent encryption for your home Wi-Fi. Some older network devices don’t support anything better than WEP, so it’s tempting to keep on using WEP if your router still supports it. Get rid of the old devices instead.
Tip 3. Pick a proper password
Pick a proper password for your Wi-Fi network.
It’s tempting to use a short and obvious password so it’s easy to type in on devices such as phones, or to read out for friends who want to join your network while they’re visiting.
But an obvious password makes it easy for people you haven’t invited onto your network to connect up as well. You only need to enter it once, so a little bit of extra hassle putting in the password in the first place is worth it to make it harder for outsiders to guess the password in future.
Remember also that if you have allowed a guest to access your network but then decide that you don’t want them connecting any more, you will need to change the password to keep them out.
Tip 4. Check who’s on your network
It’s worth taking a moment to see which devices have accessed your Wi-Fi network recently. Many routers have an option in their management pages, usually accessed via your browser, that will show you which devices have connected recently.
Are there any rogue computers online? Perhaps the teenager next door is still connected from their last babysitting session? Are there any home devices such as webcams or baby monitors that you’d forgotten about or thought you’d turned off?
If there are devices accessing your network that shouldn’t be, disconnect them. Changing the Wi-Fi password will stop any unwanted devices getting back online automatically.
Tip 5. Review your IoT devices
IoT is short for Internet of Things, and it refers to devices that didn’t used to be computers in their own right, such as webcams, smart speakers and doorbells, but that now connect to your Wi-Fi network by themselves, and operate independently.
Paul Ducklin’s recent article on 8 tips to tighten your work-from-home network included some great advice for securing IoT devices such as webcams and smart speakers. The main takeaways are:
- Only connect devices that you really need to have online. Power down devices when you’re not using them.
- Make sure you know how to update your devices.
- Configure your devices correctly,
- Change any risky settings, such as default passwords.
- Check how much data you are sharing.
- Put IoT devices on a ‘guest’ network if you can.
- Turn on ‘client isolation’ if available.
- Make sure you know who to turn to if you have a problem.
Every day is a computer security day
Good computer security is, of course, something we need to take seriously every day, not just on November 30th.
That said, it’s worth using events like Computer Security Day as a prompt to take a deeper look at your security and check that everything is as it should be.