Best Practices for Securing the Home Network
Although more people have returned to the office with the easing of COVID-19 restrictions, the U.S. Bureau of Labor Statistics reports that a third of employed people still do some or all of their work from home. As a result, malicious actors continue to exploit home office security shortcomings.
Since the pandemic-triggered shift to remote and hybrid work models, threat actors have ramped up their efforts to exploit home network vulnerabilities in order to gain remote access to corporate networks. According to one study, home networks experience an average of 23 unique threats each month.
“In the age of telework, your home network can be used as an access point for nation-state actors and cybercriminals to steal sensitive information,” said Neal Ziring, Cybersecurity Technical Director for the National Security Agency (NSA). “We can minimize this risk by securing our devices and networks, and through safe online behavior.”
In February, the NSA issued updated guidance on best practices for securing home networks. Here are some of the agency’s key recommendations for home network security:
Secure the Wireless Network
When working remotely, your home Wi-Fi network effectively becomes part of the company’s network. Always change the wireless router’s default password to a strong, unique password featuring a mixture of letters, numbers and symbols. Disable the remote administration feature. Update security settings to WPA2 or WPA3 encryption.
Your home network can be used as an access point for nation-state actors and cybercriminals.
Update the Operating System
Keep the operating system (OS) up-to-date for desktops, laptops, smart devices and IoT endpoints. The most recent version of any OS will include security features not found in previous versions. Use automatic updates when available. If that’s not possible, download and install patches and updates from a trusted vendor every month.
Update Router Firmware
Wi-Fi routers are the primary gateways between local networks and the Internet. Router firmware typically includes an operating system, management interfaces, networking protocols, device drivers and more. Although keeping firmware updated is critical for preventing unauthorized access to devices and data, one study found that nearly 90 percent of people have never updated their router firmware.
Segment the Network
Segmentation is a technique for dividing a network into smaller, isolated subnets with unique security controls. This helps limit the spread of attacks by preventing lateral movement throughout the network. Home networks should be segmented between your primary Wi-Fi, guest Wi-Fi and IoT network.
Use a VPN
Use a virtual private network to connect to the company network via a secure tunnel. VPN tunnels ensure that data being transmitted is encrypted and protected in transit. Think twice about using a free VPN service, however. Many monetize their service by logging your activity and selling it to third parties for building online advertising profiles.
Change the default passwords and usernames of your router and connected devices. Use strong, unique and difficult-to-guess passwords for each account. Don’t store passwords or answers to challenge questions in plain text form on the system or anywhere a malicious actor might have access. Using a password manager is highly recommended because it allows you to use unique, complex passwords without needing to remember them.
Limit Use of Administrator Accounts
Someone with administrator privileges could access and overwrite all files and configurations on your system. To prevent this, create a non-privileged user account for everyday activities such as web browsing, email access and file creation and editing. Only use the privileged account for maintenance, installations and updates.
Contact GDS for Assistance
Because home networks serve as the gateway to sensitive company data and systems, organizations must take steps to ensure their remote workers are implementing strong security measures. The GDS security team is here to help with additional suggestions and guidance.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.