Securing Your Home Wi-Fi Network

communication concept on digital background 3D illust

The number of devices being brought into modern homes and connected to the Internet are growing at a staggering rate. With off the shelf Wi-Fi routers and voice activated assistance devices connected to Wi-Fi televisions, Wi-Fi thermostats, and Internet connected security cameras, securing your home Wi-Fi network has never been more vital. If these devices are left unsecured anyone of them can become an open door for cyber criminals to enter your home network to steal personal data.

The first step toward preventing unauthorized access to your network is changing the wireless router’s default administrator password. This is not the password a person would enter to access the Internet using the router.

The administrator password grants you access to change the Wi-Fi password, monitor website visits, and view unencrypted Internet traffic.  These are only a sample of what a cybercriminal could do if they gain control your Wi-Fi router. Updating the administrator password is not difficult and can be accomplished in under five minutes. For a more in-depth read on passwords, review the article Password Security. After updating the administrator password, disable the router’s remote administration option. This will ensure a physical wired connection will be required to access the router’s administrator functions. By requiring a physical connection, you reduce the possibility of someone accessing your router over Wi-Fi without your knowledge.

Next, you should change the routers broadcast service set identifier (SSID) to hidden. Typically, routers can be identified from the factory SSID which is broadcasted over the air. After you change the SSID, set it to not be broadcasted. Having your router not broadcast its SSID means someone will need to know the exact SSID before they can join your Wi-Fi connection. The actions discussed so far in effect build layers of defense to your home network security strategy. As with all computer devices, remember to regularly check for software updates. Ensure your routers firmware is current. Once the router is secure, review the wireless connections encryption.

To protect the connection to the Wi-Fi router, select an encryption algorithm from among either Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA) or Wi-Fi Protected Access ll (WPA2). WEP is an older wireless security algorithm and is no longer secure. WPA is an improvement over WEP but also has been proven to be susceptible to being cracked. Whenever possible select WPA2 encryption with Advanced Encryption Standard (AES). If your router has a firewall feature enable it to block unrequested incoming connection requests to your network. Another feature to enable if you have the option is the guest function. This will allow individuals to use your router to access the Internet on a separate network with limited access while keeping your main network secure from unwanted outside access.

Consider purchasing Virtual Private Network (VPN) software or service to protect devices with an always-on Internet connection such as Internet security cameras, Wi-Fi home entertainment devices, and Internet of Things (IoT) devices.  In addition to a VPN connection, these devices should be placed on a separate network to facilitate containment if they are compromised by cybercriminals. Internet enabled devices open and close connections in a manner totally transparent to the user. To monitor and control these connections, reputable firewall software is recommended.

Now is a good time to address your wireless routers placement. Locate the router in a central interior area of your home to increase coverage and reduce Wi-Fi signal broadcast outside of the residence. By implementing the recommended steps in this post you will raise the security posture of you home Wi-Fi network.

Bookmark Alabama Cybersecurity website to stay informed on the latest issues and useful tips to stay safe online.