When it comes to managing wifi at homes and offices, people are often unaware of the mistakes and oversights they commit, though unknowingly. Understand the fact that if left too easy to crack, anyone connecting to your WIFI illegally can easily access data like your photos, videos or what exactly your child is doing on the internet. Many people do not realize this issue unless something dangerous happens. In any case, it is always better to be safe than sorry.
Here I am putting together a list of best practices to help you prevent data breach via your home or business wifi.
1. Home or Office WIFI Router
It is great that you get a free WIFI Router from your Internet provider. First and foremost, rename your router name and if possible, turn off the broadcasting of your WIFI name. If you are not broadcasting your SSID or Wifi name, hackers won’t even know that your WIFI exists. The only overhead on this is that you need to provide the SSID name also when registering a new device such as an iPad or smartphone when someone visits you.
Most Wifi routers have a web page from where you can manage all its settings. If your computer IP address is 192.168.0.22, go to 192.168.0.1 on your browser which will prompt for your username or password. If you haven’t changed it already, the default username and password can be found from your router manual or obtained from the manufacturer’s website. For modern routers, once you are logged in, change your WIFI password for 2.4 as well as 5Ghz frequency. Note that this is the password you use on your devices to connect to WIFI. If you try doing this while connected to WIFI, you will need to re-connect using the new password to get connected back to the Internet. Also go back to the router settings page and change the default password for login to router web page via the IP Address too.
Choosing a secure password for your WIFI is important. Avoid using obvious guesses like your name, your spouse/child name or phone# or business phone number, etc. Also, change your passwords at regular intervals.
Another important step is to disable the WPS button from your Router settings. It’s one of the easiest loopholes for someone to attack your network and decrypt your WIFI password. It’s, of course, a useful feature enabling you to connect devices such as a wireless printer, but the risks it comes with, are not worth taking.
If your router supports, always opt for WPA2 encryption for all your wireless bands. WPA2 is still hackable, but it takes more time compared to WPA or WEP which are old and easily breakable. With the right tools, A WEP password, for instance, can be easily hacked in less than 10minutes.
Most modern WIFI routers have the option to enable guest access and give this WIFI password to guests at your office or home. While it allows the end-user to have Internet access, guests will not be able to reach your network resources such as a Network Attached Storage or your Router setting page, etc.
Usually, businesses expose their WIFI without a second thought to a third party/guest for video presentations which they want to download. This, however, will prove to be an entry point to perpetrators in future. So if there are business presentations by third party vendors, it would be best to provide them with an office computer with wired internet and connected to the projector or TV and not compromise your data security.
2. Invest on a good Firewall
Be it your home or office, invest in a good Firewall system for your network. I would highly recommend https://pfsense.org. For non-technical people, they have hardware appliances too. Believe me; the $300 that you spend on a firewall will prove to be a smart investment protecting the data privacy of your business or family.
Lack of a properly configured firewall can help a hacker intercept all information that your computer/phone/tablet receives or transmits outside. More often than not, people do not realize that their home networks are of any interest to hackers. On the contrary, from curious hackers to criminals to sex offenders; there are a lot of ill minded stalkers out there, for whom data over a home network is of prime interest. Their reason for hacking can be anything that ranges from just proving a point to stealing vital information regarding your business or even tracking your child’s movements, which will aid them in committing scary crimes. Understand that an insecure network could prove to be the greatest favor you’re doing for stalkers to get successful.
3. Be cautioned when browsing the internet
If you are providing any secure information such as your social security number or credit/debit card details or any sensitive data on a form, make sure that on the top of the page in the browser address bar, the URL begins with an https (SSL). Even if you are purchasing from a legit website such as Amazon, check to ensure that the https is on and that the URL is the site name itself and not something else.
Always read any pop-ups that show up on your browser before clicking on anything and take actions applying common-sense. For, e.g., IRS will not ask you to make payments by just showing up a pop up through a random website that you are browsing. They will reach you via US mail. Also, next time some creep sends you an email with someone wanting to leave you a vast fortune of millions, only go to the cyber cell division of FBI https://www.fbi.gov/investigate/cyber and report it with the email content.
Anytime you feel an email you received from a stranger is too good to believe, copy the content and paste it into Google; it is the easiest way to detect prevalent scams. If you fall prey to a scam and lose money, do not hesitate to report it to the law enforcement agencies. The information you provide will help to prevent the same from perpetrating to more people.
Whether you are on Windows or Mac or Linux, do not install any random applications or browser extensions The red flags will be high if it is from a bogus looking website that opened up of its own.
Recently I have received phone calls from someone claiming to be from Microsoft who found an issue with my computer and I would hang up the call immediately. For starters, Microsoft wouldn’t have to reach out to every American to fix a problem on their computer. If they did, they’d surely let America know of this great facility. Such phone calls originate from people who are more or less trained to get you to believe what they say and then make you install software that would give them full access to your computer to steal data without your knowledge.
4. Home Internet or Company IT Policy
A few years back we read about a massive breach in Sony, that occurred from employees not securing their computers with proper passwords, nor locking/shutting down their computers when they leave work.
In homes, it is important to keep a check on what kind of software your kids are installing so that they are not unknowingly compromising information outside to data harvesters. This data can be from a smartphone or tablet or computer or even an X-box. Sharing one’s location is one of the worst mistakes that could jeopardize a child’s safety.
It’s an easy solution to get printouts or scan documents from your office devices. But be careful with those large printer copiers. Many of them have a hard disk that stores data. A breach will mean that all the data you scanned such as a Social Security Card or your insurance information is now with a third party who is not supposed to have it.
Have a company policy of turning off all USB and external connections on all devices.
5.Usage Of Social Media
It goes without saying that you need to refrain from accepting strangers as your friend on Facebook. It’s better not to share your kid’s information like pictures with what school he/she goes to, their extracurriculars or soccer classes, etc. Ill-minded people who target children, often obtain information via Facebook or other social media where the children or the parent themselves accidentally provide information.
Open to Suggestions / Comments
If this post was helpful to you, let me know in the comments, and I will continue to contribute more original articles on internet security to help.