Insight from an “Ethical Hacker”
At the NEBRC we are proud to offer a range of innovative cyber resilience services for all businesses at affordable costs.
To help deliver these services we work with a team of innovative “ethical hackers” from Sheffield Hallam and Northumbria Universities, using their skills to help businesses, such as yours, secure their networks.
Here, Joe, one of our talented, informative, and reliable individuals, currently in his third year at Northumbria University, looks into the risks of failing to secure the wireless home network when working from home, and the implications this can have for small businesses.
For some, having employees working from home means opening their company systems to the outside world for the first time. It is important to ensure these systems are secure, because once they are open for access by your employees, they are open for access by hackers too. A failure to secure your systems can result in hackers gaining access and performing further attacks, such as infecting systems with ransomware and encrypting all company files. As well as securing company systems, the at-home networks of your employees should also be protected as these are yet another potential gateway into your network for hackers to exploit. If an employee connects to your systems with a compromised device or insecure network, an attacker can eavesdrop on this connection and use it to steal information and/or cause damage.
Here are some steps your employees can take to help stay protected when working from home.
· Use a strong password
The NCSC recommends using three random words for your password. Do not include any information that can be guessed, such as pet names or birthdays: keep it completely random. Your password should be unique - do not re-use it across sites or services. If you have difficulty remembering these passwords, consider a password manager.
· Make use of 2FA where possible
Two-factor authentication usually takes the form of a code sent to your phone or email that you are required to enter after logging in with the correct password. This adds another level of protection to your accounts and helps to prove that the person authenticating is you.
· Keep your devices up-to-date
Nothing is 100% secure, and this includes your devices. Attackers will work to find vulnerabilities that they can exploit to perform attacks. Keeping your device up to date will help to ensure that these vulnerabilities are patched before an attacker can exploit them.
· Install anti-malware protection
Available for desktops, laptops, phones, and tablets, anti-malware software works to keep your device secure by keeping it clean of malicious files that are working to attack your device and/or network.
· Secure your router configuration
Ensure that your Wi-Fi is configured to use the latest wireless security standard, and that it is protected with a strong and lengthy password. This will make it harder for malicious users to gain access. Also consider disabling the Wi-Fi Protected Setup (WPS) when you do not need it. WPS is a function that allows for easy connection to Wi-Fi networks without the use of a password. Typically, you would press a WPS button on the router and a WPS button on the device you wish to connect. A popular example of this functionality is on printers that connect using Wi-Fi and require you to press a button on your printer in combination with your router to connect.
· Protect access to company systems
Where possible, your employees should use a VPN when accessing your company systems. This will help to prevent eavesdropping by encrypting the connection and obscuring data.
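For the router configuration step above, the following added example (not part of the original article) shows one way to check a home network from a Linux laptop: it reads the text printed by `iw dev <interface> scan` and flags networks that advertise legacy WPA, TKIP, no WPA3, or WPS. The sample scan is constructed, and treating WPA3 (SAE) as "the latest wireless security standard" is an assumption of this example.

```python
import re

# Constructed sample in the layout printed by `iw dev <interface> scan` (Linux).
SAMPLE_SCAN = """\
BSS 02:00:00:00:00:01(on wlan0)
\tSSID: HomeOld
\tWPA:\t * Version: 1
\t\t * Group cipher: TKIP
\t\t * Pairwise ciphers: TKIP
\t\t * Authentication suites: PSK
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
BSS 02:00:00:00:00:02(on wlan0)
\tSSID: HomeNew
\tRSN:\t * Version: 1
\t\t * Group cipher: CCMP
\t\t * Pairwise ciphers: CCMP
\t\t * Authentication suites: SAE
BSS 02:00:00:00:00:03(on wlan0)
\tSSID: CafeOpen
"""

def audit_scan(text):
    """Return {ssid: [findings]} for every network in the scan output."""
    results = {}
    for block in re.split(r"(?m)^BSS ", text)[1:]:      # one block per access point
        m = re.search(r"(?m)^\s*SSID: (.*)$", block)
        ssid = (m.group(1).strip() if m else "") or "<hidden>"
        has_rsn = re.search(r"(?m)^\s*RSN:", block) is not None    # WPA2/WPA3 element
        has_wpa1 = re.search(r"(?m)^\s*WPA:", block) is not None   # original WPA element
        suites = set(" ".join(re.findall(r"Authentication suites: (.*)", block)).split())
        ciphers = set(" ".join(re.findall(r"Pairwise ciphers: (.*)", block)).split())
        findings = []
        if not (has_rsn or has_wpa1):
            findings.append("open network or WEP: no WPA protection advertised")
        if has_wpa1:
            findings.append("legacy WPA (version 1) enabled")
        if "TKIP" in ciphers:
            findings.append("TKIP cipher enabled")
        if (has_rsn or has_wpa1) and "SAE" not in suites:
            findings.append("WPA3 (SAE) not offered")
        if re.search(r"(?m)^\s*WPS:", block):
            findings.append("WPS enabled")
        results[ssid] = findings
    return results

if __name__ == "__main__":
    for name, issues in audit_scan(SAMPLE_SCAN).items():
        print(name, "->", issues or ["no findings"])
```

An empty findings list means the network advertises WPA3 with no legacy WPA, TKIP, or WPS; anything else points to a setting to change in the router's admin page.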