Network Security Remedies for Telework

Wanted to share here to help people while they are home working during this CoronaVirus remote work time…

  1. Practice smart password management and enable two-factor authentication (2FA) wherever possible.

This includes accessing the administrative router/modem, Internet Service Provider (ISP) web portal, or a mobile app used for home network management. Anyone with the ability to access these platforms may be able to access sensitive information traversing the home network and modify critical security settings within the network.

  1. Enable automatic updates for all routers and modems.

Software updates are extremely important as new security flaws are constantly discovered. Simply installing updates from the device manufacturer mitigates many of these problems. This is best accomplished by enabling “auto-update” with the device’s administration page.

  1. Turn off WPS and UPnP.

Wireless Protected Setup (WPS) was initially designed as a user-friendly method for new devices to connect to a WiFi network. Unfortunately, it’s been found to allow attackers to connect to WiFi networks without permission. Universal Plug and Play (UPnP) is a network protocol suite that allows devices on a network to easily communicate but has been found to contain numerous and severe security flaws. Getting these two settings correct can have a large positive impact on home network security.

  1. Turn on WPA2 or WPA3.

Old and ineffective types of cryptography plague older network devices. Ensuring strong forms of cryptography are in use within home networks can thwart others from viewing sensitive information without authorization. At a minimum, configure WPA2 for home use.

  1. Configure the router/modem firewall.

Firewalls help prevent malicious network traffic attempting to enter a network from reaching specific devices. Firewalls generally come built-in to most home routers but they must be properly enabled.

Good suggestion about UPnP, it’s laughable how insecure it is and should be disabled by default.
I believe ISP’s should be forced to follow much stricter guidelines for default router settings. Far too many still use “admin” for the user and password, firewall is often off, WEP encryption is still sometimes used. It’s really bad.

Thanks for these great suggestions on improving security. If followed well people should rarely have security issues.