A home network is a group of devices (computers, gaming systems, printers, smartphones, tablets, and wearables) that connect to the Internet and to each other.
A home network can be connected in two ways:
- 1. Using a wired network used to connect printers and scanners, or
- 2. Using a wireless network that connects devices like tablets and mobile devices wirelessly
A secure home network is an essential aspect of internet security. Cybercriminals can exploit vulnerable networks to carry out a range of cybercrimes, such as installing malware, stealing data, committing identity theft, and creating botnets. In this guide, we’ll discuss the key steps you can take to protect your home network and help you and your family use the internet safely.
How to change your default home network name
To protect your home network, the first step is to change its name. Your network name is an SSID (Service Set Identifier). If you open the Wi-Fi network list on your laptop or smartphone, you’ll see a list of nearby SSIDs. Routers broadcast SSIDs so that nearby devices can find all available networks.
SSIDs can contain up to 32 characters. Typically, manufacturers create default SSIDs by combining a company name with random letters and numbers. Why is it best to change your SSID name?
- • If cybercriminals know your router’s manufacturer, they may know the model’s vulnerabilities and how to exploit them.
- • A non-generic name can deter cybercriminals targeting your network because it shows that your router is managed more securely than those with generic default names.
Change the SSID so that it doesn’t reveal the router’s make or model. Avoid including personal information like your name, address, or phone number in your login. It’s best to use a non-intrusive SSID that won’t attract the attention of cybercriminals scanning Wi-Fi networks in your area.
Use a strong password for your router
Wireless routers usually come preconfigured with default passwords. Cybercriminals can guess these, especially if they know your router’s manufacturer. Therefore, change your password as soon as possible to strengthen the security of your home router. To do this, log in to the router’s management interface through your browser. The address should be the router’s default IP address, which can be found on the label underneath or in the setup guide.
A strong password should contain at least 12 characters (ideally a few more) and should include a mix of uppercase and lowercase letters, numbers, and symbols. To ensure a secure home network, change your password regularly, perhaps twice a year.
Strengthen your Wi-Fi encryption
Encryption is an important aspect of any secure Wi-Fi environment. Most wireless routers have encryption, which is often disabled by default. Enable the encryption setting on your home router to further protect your network. Four types of Wi-Fi security systems are commonly used to protect transmissions so that both the user’s device and the Wi-Fi router can read their contents.
These are as follows:
- • Wired Equivalent Privacy (WEP)
- • Wi-Fi Protected Access (WPA)
- • Wi-Fi Protected Access 2 (WPA 2)
- • Wi-Fi Protected Access 3 (WPA 3)
WPA 2 and WPA 3 are the most effective options because they are the newest and most secure systems. Older versions of WPA and WEP are not resistant to brute force attacks.
If your router offers it, consider creating a guest wireless network, which also uses WPA 2 or WPA 3 and is protected by a strong password. Use this guest network for visitors, friends, and family members who have no intention (or need) to hack into your network. They may, however, be using devices that have been compromised or infected with malware before using your network. A guest network helps strengthen the security of your home network.
Use a VPN to strengthen your network security
VPNs, or virtual private networks, are primarily used to improve internet privacy. They encrypt your data so cybercriminals can’t determine what you’re doing online or your location. The protection offered by a VPN extends beyond the router. So, even if the router’s encryption is compromised, you still have the VPN’s encryption to make your data unreadable.
If you want to protect your IP address, use a VPN. A VPN changes your IP address and indicates that you are using your device from a location other than your personal address. VPNs can be used on desktop and laptop computers, phones, or tablets.
Keep your apps up to date
Keeping your software up to date, including your router’s firmware, is a good cybersecurity practice. Older firmware has vulnerabilities that cybercriminals can exploit. Some routers allow users to check from the management interface if firmware updates are available. A few routers offer automatic updates. You can check the vendor’s support website to see if updates are available for your router model.
Sometimes firmware updates are triggered by major virus attacks in the news. The increase in major attacks will motivate the router manufacturer to review its firmware codes to ensure its equipment is protected against new attacks. In such cases, it issues a security patch. Hence the need to stay up-to-date.
Use a firewall to protect devices on your network
A home firewall protects devices connected to your network from internet intruders. It acts as a one-way digital barrier by blocking internet-based devices from accessing your network while simultaneously allowing devices on your network to connect to internet-based devices.
Most routers include a firewall. Check if yours is enabled. If your router doesn’t have a firewall, you can install an effective home firewall on your system to prevent router attacks.
Consider changing your router’s IP address
Default router IP addresses are easy for cybercriminals to find. They can even be found online. To further protect against router attacks, you can change your router’s address.
Log in to your router’s admin console and look for Network or LAN/DHCP settings. Change your IP address and save. Make a note of the new address.
Changing a few numbers should be fairly simple. Once your address is changed, use the new address to access your router’s settings. If for any reason you need to change your IP address again, you can restore your router to its factory settings.
Set up a separate router for IoT devices
The Internet of Things (IoT) refers to physical devices other than computers, phones, and servers that connect to the internet and share data. Examples of IoT devices include wearable fitness trackers, smart refrigerators, smartwatches, and voice assistants like Amazon Echo and Google Home.
The Internet of Things has cybersecurity consequences:
- • The more devices there are connected to the internet, the more potential entry points they present for cybercriminals.
- • Not all IoT devices have a good security history.
If you’re looking to maximize your router’s security and prevent router attacks, you can set up a separate Wi-Fi network for your IoT devices. This network is called a VLAN (Virtual Local Area Network). With a VLAN, you can ensure that your most valuable devices—computers and phones containing the most sensitive data—are on one network, and your less secure IoT devices are on another. This avoids the risk of poorly secured IoT devices acting as potential entry points for cybercriminals and compromising your computers and phones.
Using a VLAN doesn’t limit functionality because most IoT devices are controlled via smartphone apps connected to cloud services. Most of these devices don’t need to communicate with mobile phones or computers directly over the local network after their initial setup if they have internet access.
Disable Universal Plug & Play (UPnP).
Universal Plug and Play (UPnP) helps devices in your home detect your network and then communicate with their manufacturer for firmware and hardware updates. UPnP is a critical component of the Internet of Things, but unfortunately, it’s also a way for cybercriminals to infect devices and include them in botnets. UPnP can also be used by malware to gain privileged access to your router’s security settings.
Your router must work with UPnP for your home devices to have internet access. Since many devices aren’t password-protected or use the same password, these small devices can pose a security vulnerability.
UPnP helps with device setup, but once it’s working, it’s recommended to disable UPnP features, as well as UPnP compatibility in your router.
Disable remote access to protect your network from intruders
Many routers offer features designed to simplify remote access. However, unless you require administrator-level access to access your router remotely, you can safely disable these features from your router’s settings panel. Disabling remote access reduces the risk of people remotely accessing your router and attempting to tamper with it.
To do this, open your router’s web interface and look for the Remote Access/Administration/Management feature. Make sure this feature is enabled. It’s disabled by default on many routers, but it’s worth checking.
If some devices and applications on your network are working via remote access, you can always re-enable the functionality if necessary.
Use the MAC address filter to keep unwanted devices off your network
Many routers allow users to restrict the devices allowed on their Wi-Fi network based on their MAC address. MAC stands for “Media Access Controller.” A MAC address helps identify devices on a network. Enabling a MAC address filter can prevent cybercriminals from connecting to a Wi-Fi network, even if they know the password.
Your router’s console contains a menu option called MAC Filtering or MAC Address Filtering. Every device capable of connecting to a network has a unique MAC address. You must find the address of each device allowed on your network, then enter the addresses into the router and enable the MAC address filtering option.
Note that MAC addresses can be spoofed, and skilled cybercriminals know how to exploit them. A cybercriminal still needs to know one of the valid addresses for the network they’re trying to penetrate, but this isn’t difficult for anyone proficient with network sniffer tools. That said, the MAC address filter prevents moderately skilled cybercriminals from accessing your network, thus strengthening your router’s protection.
Think about where you place your router
Place your router in the center of your home if possible. This will not only distribute network access more evenly, but will also help keep your network out of the reach/sight of cybercriminals. It’s a good idea to position routers away from windows and external doors.
Remember that routers radiate upwards, downwards, and horizontally. If your home has two levels, placing the router on a high shelf on the lower level will cover both floors.
Turn off your network when you are away
One of the easiest ways to protect your home network is to turn it off when you’re away. Turning off your Wi-Fi network when you’re not there reduces the risk of a cybercriminal trying to break into it while you’re away.
In addition to reducing security risks, unplugging your router when you’re away also prevents it from being damaged by power surges.
Protect your devices!
Computers and other devices in your home can be entry points for cybercriminals to access your router. Many devices connected to your network are portable, such as laptops, tablets, and smartphones. Portable devices are more likely to be affected because they connect to other networks and potentially use public Wi-Fi. There is a greater risk of virus infection and hacking attempts outside your home. Equipment that never leaves your home is only exposed to one internet access point, limiting the risk of infection. To protect your home router, remember to maintain good security hygiene:
- • Keep software up to date and enable automatic updates. Patches and new versions of operating systems and applications are often released to address security vulnerabilities.
- • Protect devices with long, hard-to-guess, and unique passwords. A password manager can help.
- • Make sure your devices are protected with comprehensive antivirus software. For example, Norton 360 Deluxe protects your devices from cybercriminals, viruses, and malware.
By following the steps mentioned above, you can optimize the security of your wireless network and use the Internet at home with complete peace of mind.