Wi-Fi is now a staple in any home and business as most of our modern devices such as smart phones, laptops and tablets require it for their internet. Therefore, by not securing your Wi-Fi network it is essentially leaving an open door for hackers to gain access to your devices and obtain your personal and sensitive information.
Here are some steps that can be taken to help improve the security of your network to ward away any potential hackers to your network;
Home Users: –
Change the default username and admin password for the router. The majority of routers come with a default user and admin password, which can easily be found in user guides and online support websites. Changing your user name and password should be the first task completed when receiving a new Wi-Fi access point or router.
Choose a complex Wi-Fi password with a strong internet security protocol. It is good practice to change the Wi-Fi password on a router, as on most routers this is written directly onto the router itself, meaning anyone walking past your router will know how to enter its network. Creating a new password should, therefore, be a must. While entering your password you will see options on which internet security protocol you would like to use. I would recommend using WPA2, as WPA and WEP have known security flaws when it comes to brute force attacks.
Keep your routers firmware up to date. This can be done manually each month, however most modern routers have an option for automatic updates which will make sure your firmware is up to date – which is good, as most firmware updates fix any known security flaws at the time and normally help bring new features to the router to help keep it secure.
Advanced / Business Users: –
Enabling MAC address filtering on routers blocks any device with a MAC address that it’s not aware of. A MAC address is a unique identifier on every device that connects to a network. Therefore by having this enabled, it stops any devices that do not have permissions to enter a network. The downside is that this method can be very time consuming, as you have to constantly update the router for which MAC address it should allow access.
Network segmentation by using VLANs (virtual local area networks). Most modern routers allow you to create multiple VLANs on a router. VLANs can create a virtual network for devices, and can be set up to now allow them to communicate with one another. For example, you can create one Wi-Fi VLAN for all Guests and then create another for business computers. This way, devices on the Guest VLAN won’t be able to communicate with devices on the Business VLAN as – in theory – they are both on separate networks. This means that if there are any hackers on the Guest VLAN, they won’t be able to breach any data from business computers containing sensitive information, as they are on a different network.
Disable any services not in use on your router, as this exposes it to less threats on the internet. This is especially true if you if you don’t know what it does. These services can be Telnet, UPnP (Universal Plug and Play), SSH (Secure Shell), and HNAP (Home Network Administration Protocol). Some these services such as SSH also have known security risks. Therefore if there are services you don’t use, remember to turn them off.
Following these tips will help ward off any potential threats to your Wi-Fi network.