Making Remote Working Safer Through Securing the Router
by Kamilla Akhmedova
We recently posted an article posing the question as to whether or not using our personal devices for work at home puts us more at risk. You can read that post here. In this post, we’d like to expand on the theme a little more.
Here we’ll look more specifically at your employee’s home networks and what they can do to improve security on them. This will cover both work and home computers.
Improving the Security of Home Networks
Before we talk about the router and how to secure it, we’re going to give a warning. Assume that your company’s systems could be breached at any time. You can diffuse the risk through a good cybersecurity strategy, but you can’t get rid of it completely.
Before you start looking at home networks, put protection protocols in place. Ensure that the data on company devices is properly encrypted. Then ensure that backups are performed on a regular basis. That way, if the device is stolen or the network is breached, you can limit how much damage is done.
It’s also worth speaking to your employees about security awareness. Teach them how to identify potential attacks and make sure that they keep themselves vigilant.
Finally, they also need to take physical safety considerations into account. Who has access to the computer when they’re not around? Is the computer password-protected? If not, now’s the time to do this.
Lastly, is the computer discoverable? In other words, is network sharing enabled? If so, it’s probably better to switch that off.
In the immortal words of Gandalf, “Keep it secret, keep it safe.” Keep company computers in a secure location in the home, out of the reach of inquisitive family and guests.
Now let’s move onto making the network more secure.
Changes to Make to Routers
A router is a gateway to your system. Anything connected to that gateway can potentially give access to your system. Hackers will often breach less secure routers and intercept data being transmitted through them.
They might also use the router to place malware, ransomware or keyloggers onto the system.
Start by shoring up security on the router.
- Step One
Evaluate the router itself. Is it a relatively recent model? If not, check to see if the manufacturers still support that model. In cases where the router is no longer supported, employees might miss vital security patches for the latest malware. It’s better to upgrade to a new router if that’s the case.
- Step Two
Make sure that the router’s software is up to date. If it’s not set to automatically search for updates when you go online, enable that setting now.
- Step Three
Set up a guest user to use for your work. To better secure this connection:
- Use a strong password of at least 16 characters. This should be a mix of upper and lowercase letters, special characters, and numbers. The password mustn’t be the one used anywhere else.
- No one else should have the password.
- This network must be used whenever the employee signs in.
- Don’t use terms like “Office,” “Business” or similar terms when naming the network. Keep any identifying names out of the picture here.
- Step Four
Change the SSID name of the router. This won’t protect you from being hacked, but it makes things a little harder. This seems like a crazy step but keep in mind that most manufacturers include the name of the router in the SSID name.
This fact tells the hacker what router they’re dealing with. In cases where the company uses a generic username and password, they’re easily able to access that information. Even if the password has been changed, the make might give the hacker a clue as to what attacks might work.
- Step Five
Check the encryption protocol that the router uses. Most manufacturers enable encryption by default now, but it’s a good idea to check. Make sure that, at least for your work connection, the encryption level is set as high as possible.
- Step Six
Don’t connect other devices to your work network. Wi-Fi is convenient for all members of the family. Everyone can piggyback onto the same internet connection. This brings dangers of its own.
You might have smartphones and other smart devices all connected to the same internet connection. If these devices are not as secure as they should be, they could provide a potential access point for bad actors.
- Step Seven
Use a VPN. This one is a bit of a cheat because it’s not a router tip. It’s also a tip that we covered in the previous article. We’re repeating it because it offers a second level of encryption and disguises your IP address.
- Step Eight
This is another little cheat. This time, though, we’re looking at the range of your Wi-Fi. The stronger the signal your router puts out, the further the signal stretches. If you’re using a range extender, it’s time to unplug it.
If your signal extends to the neighbors or to the hall outside your apartment, a hacker can easily pick it up. From there, they’ll be able to hack it without you being any the wiser.
With these tips, you’ll enable your employees to quickly and easily upgrade the security on their home networks. Providing them with outstanding anti-malware and anti-virus support on their computers helps you to stay ahead of the game.
Combine this with outstanding security awareness training and a good recovery strategy, and you’ll have a solid cybersecurity strategy in place. No one measure by itself provides complete protection. Good cybersecurity depends on you choosing the best combination of tools.
Think of it as the difference between robbing a grocery store and robbing a bank. You won’t get nearly as much if you rob the grocery store, but it’s fairly easy money.
A bank, on the other hand, has time-delay locks, security guards, and so on. You could steal a decent amount of money, but you’d need skills to do so. A bank robbery requires careful planning and teamwork. It’s not a job for an opportunistic thief.
Make your company systems too much work for the average hacker and you’ll be more secure.