1. Set strong passwords for your computer and wireless internet router
One of the issues the Consumer Report study raised was that some routers allow users to set weak passwords, so don't rely on your devices to tell you how strong your password should be. Instead, follow CISA guidelines3: Set a unique, strong password for your router and each device connected to it — and change them regularly. A password manager can be a helpful way to maintain them all, but be sure to choose a reputable password manager, and consider keeping the passwords to your financial accounts off of the manager.
2. Update your operating system and browsers — continually
It may seem like a drag to get those alerts to update the software on your mobile devices, computers, and browsers so frequently, but those updates help protect you. Cybercriminals are constantly finding new ways to hack networks and devices, and software updates help keep you one step ahead of them.
3. Re-configure your router settings
Many routers come with default settings intended to make setup easy, but those settings can also make hacking into them easier. To secure your home network, update the following settings:
- Select the highest security setting option your router allows. According to the National Security Alliance's StaySafeOnline4 initiative, users should choose WPA2 if that's available to them; if not, go for WPA. Both of these options are more secure than the standard WEP.
- Change your network name to something unique that does not reveal your location or identity.
- Disable Universal Plug and Plan (UPnP). UPnP is a default setting that allows networked devices to discover and communicate with each other on the network—for example, connecting a wireless printer to your devices. If you're not using it, turn it off.
- Disable remote management. This allows users to update your router's settings over the internet, which is a security risk.
4. Install antivirus software on your computer
Your computer and browser's software updates are important, but they can't do everything. CISA says that reputable, updated antivirus software "can automatically detect, quarantine, and remove various types of malware, such as viruses, worms, and ransomware." That level of security, combined with updated operating software, helps keep your data extra secure.
5. Install firewalls on your network and devices
A firewall is like a barrier around your network or device. According to StaySafeOnline, antivirus software only scans incoming email and files, but a firewall watches attempts to access your system and and can block suspicious activity.
Some routers and operating systems come with firewalls, but be sure yours are engaged. CISA says your internet service provider is a good source to ask about whether your firewall settings are well suited to your network and devices.
6. Turn your WiFi off when possible
The less often your wireless network is on, the less vulnerable it will be. This could mean turning it off at night, while away on vacation, or even when working from a desk with access to an ethernet cable. Ethernet connections are generally more secure5 than wireless networks, but anti-virus software, awareness of phishing attempts, and other precautions are still necessary.
7. Back up your data regularly
In addition to protecting your network from a cyberattack, it's smart to be prepared in the event that it happens anyway. Back up your data on a regular basis. That could be weekly, daily, or even more frequently, depending on the complexity of your work and the value of new data that could be lost at any point. Both external hard drives and cloud backup options are available, and some people choose to rely on both.
Not only will having all your data at your fingertips be a relief if you experience a home network breach, but you'll also be grateful for backups if your laptop has a run-in with your morning coffee — a hazard work-from-home veterans know well.
8. Beware of phishing attempts
Your home network is only as secure as the devices connected to it — and cybercriminals think up all kinds of ways to gain access to your devices. Among the most common is phishing, which is when hackers use clever emails to trick users into giving out personal information or access to their devices.
These fraudulent emails can look official, so use these steps to avoid a phishing attack:
- Never open a file or other attachment from an unknown or untrusted sender.
- Do not click on links in emails from an unknown or untrusted sender.
- Never reply to an email requesting personal information. If the sender claims to be an official source, like a bank or government entity, locate the official customer service phone number for the organization independently, and call to verify the request.
Be especially careful with unexpected files, attachments, or requests for information coming from a colleague or someone at a company your company does business with. If you aren't expecting the file or request, and the context isn't highly specific, a quick phone call can help you confirm that it's legit.
According to CISA, increased phishing attempts often coincide with major events6 like natural disasters, epidemics and health scares, economic concerns, political elections, and holidays, so be extra cautious during those times.