Are you one who tries to see that all work-related servers, computers, mobile devices, and cloud-based apps are properly secured, but don’t always put the same effort into all your personal devices and accounts? If so, you’re not alone; and my guess is if you’re reading this post you have given little thought to securing one very important personal device, which is the wireless router in your home.
Even if the amount of time you work from home is minimal, you need to make sure this device is properly secured. Not only is such a step ethically mandated in a number of jurisdictions; but as their lawyer, your clients also expect you to take whatever reasonable steps are necessary to keep their personal information and your communications with them secure. In this time of COVID, when much of the work force has shifted to working from home, securing home routers has become particularly important because cyber criminals have shifted their focus to home devices. Heaven forbid your home router, or the home router of a staff person, ends up being the weak link that enables a successful breach of your office network.
The good news is that you don’t need to be an IT security expert to take care of most of the basics. Start by pulling out your instruction manual. If that’s no longer available, instruction manuals are often available online. Just do a search for it using your router make and model number. With that in hand, make sure to address the following recommendations if they have not already been done.
1) Because the default administrative username and password are easy to guess, you should change both. Best practices now call for a complex password of at least 20 characters comprised of uppercase and lowercase characters, numbers, and symbols. And since many router manufacturers all set the default username as Admin on all their devices, pick a username that’s unique to you.
2) Change the network SSID (the name of your network) defaults. Every router comes with a default network name. Change it to something unique to you but don’t have be something that might identify you. As with the router’s administrative password, also create a similarly strong network access password.
3) Setup a guest network with it’s own unique SSID and password because guests, to include friends of any kids, should never have access to your home network.
4) Make sure the firmware version of your router is current. Update to the most current version if it isn’t because version updates are how security patches are delivered to your router. If your router has an auto update option, make sure that is enabled. If no firmware updates have been released in the last 12 to 18 months, replace your router with a newer model.
5) Confirm that the network authentication method is set to WPA2-personal, or even better, WPA3-personal if that option is available. WPA3 is the more secure encryption language of the two. If neither of these options are available on your router, replace your router with a newer model.
6) Turn off UPnP (Universal Plug and Play). Yes, I know this can make connecting new devices to the network less convenient; but leaving it on provides hackers an access point that can be used to insert malware on to your network, to include things like programs that seek to capture login credentials to your bank accounts.
There are additional steps one can take to further secure a home router but a follow-through with these most basic steps will go a long way toward seeing that your home router is properly secured. That said, one final note. I know that keeping track of long complex passwords can be a stumbling block for some. That problem can be easily solved with a password manager. Given all the login credentials we’re all trying to manage nowadays, the use of a password manager has quickly become a veritable necessity.
All opinions, advice, and experiences of guest bloggers/columnists are those of the author and do not necessarily reflect the opinions, practices or experiences of Solo Practice University®.