5 Tips to Secure Your Home Office
February 16, 2021 by Loren Lachapelle
We’re a year into the COVID-19 pandemic in the U.S. There are still millions of people working from home, and studies suggest the model of working remotely – whether full-time, part-time, temporary, or permanent – probably won’t go away completely anytime soon. A Gartner survey revealed 82% of organizations will continue to allow increased work from home (WFH) days post-pandemic, and some 47% are considering allowing employees to WFH full-time post-pandemic. That’s a huge percentage of the workforce. Having a safe and secure at-home network is becoming increasingly important (and necessary) to keep cybercriminals away from your personal and professional data. Following are five tips, gathered from SANS, you can easily implement to ensure a more secure home office network.
1. Change the Administrator Password on Wireless Routers
Most of us connect to the internet at home using a wireless router. To make it more secure you should change the admin password on your device. This can be done as part of the setup process. It’s typically done at a specific (and generic) IP address provided to you by the manufacturer, so it’s almost hard to not change the default password! When doing so, make sure you’re following the setup guidelines from your specific Internet Service Provider (ISP).
If you do not change the admin password, anyone who goes to that IP address – which is usually a common one – or anyone who tries to connect to your Wi-Fi, will have the option to change the password instead of you. So, make sure you change the password promptly upon getting your device!
Another best practice when changing your password is to make it something strong and unique. Since everything in your house is connected to this device, it’s essential to have this password especially strong to reduce the risk of hackers getting into your other devices. Use a password manager to help you remember it, and if possible, you should change the default username as well.
2. Create a Wi-Fi Network Password
The next step to better secure your home network is to create a Wi-Fi network password. Creating this password will ensure that not just anyone can get onto your network. Only those that know the password will be able to get on, lessening the chance of your connected devices getting compromised. Restricting access to your network is a must, especially if you live in a busy area or apartment building. As always, make this password unique. Never reuse your admin password.
3. Enable Automatic Security Updates
Always update your firmware and enable automatic updates if possible. If your device doesn’t allow for automatic updates, it’s important to make sure you’re regularly logging in to your account to check for updates. It’s crucial to always have the latest security patches installed to protect your device against being compromised by the latest vulnerabilities being exploited by cybercriminals.
If you have an older router or modem, or if for any reason the device is no longer being updated by the manufacturer, you should replace it and get a new device … even if it’s still working properly. If the device isn’t getting the new defenses it needs, there is a higher risk of it being compromised. Hackers are always scanning for unpatched or outdated devices to target, so if you have one, there is a good chance they’ll find you.
4. Use a Guest Network
Just like traditional office settings segment their networks to limit a cybercriminals' abilities to move laterally into sensitive areas, setting up a separate guest network on your home network can help do the same thing. This allows you to freely allow guests to connect without worry.
To change the settings, go to the same IP address given to you by your ISP. After logging in, you should be able to easily create a guest network. This allows you to ensure your primary network is only for you and the devices you know are secure. The guest network can also be used for devices you might be a little more apprehensive about, for example, your smart refrigerator.
This step is particularly relevant if you are working in a home with other people who may not necessarily be following the same security standards as you. For example, if you’re living with children or teenagers who are more likely to be tricked by phishing engagements or visit questionable websites, you can put their devices on the guest network. Guest network devices cannot see or communicate with your trusted personal devices on your primary network, so having outside devices there – instead of your primary network – is a more secure option.
5. Use Secure Domain Name Service (DNS) Filtering
Simply put, DNS is the process that takes the common names of websites, like www.tylertech.com, and turns them into a numerical IP address so that the browser knows which webpage to open. DNS filtering blocks access to specific websites, pages, or IP addresses and offers a level of security because it can restrict access to most malicious websites. With DNS filtering enabled, a user is redirected to a local IP address with a block page that typically provides the reason that it’s not accessible.
Nowadays, most Wi-Fi modems and routers offer some limited DNS filtering options by default. If enabled, this will notify you – or anyone else on the Wi-Fi network – that may be browsing to an unsafe site. If your devices don’t have this built in, there are plenty of trusted free alternatives available, such as OpenDNS, Cloudflare for Families, and Quad9.
Making your home office more cyber-secure doesn’t need to be complicated. We highly encourage you to take these five simple steps on both personal and work devices to up your defenses against sneaky cybercriminals.