One of the many good things about the Internet is that it enables us to work at home. When you work at home with your company data flowing through your network and computer, however, you need to pay special attention to securing that data.
One of the basic concepts taught in college-level computer security courses is “defense in depth.” That means providing more than one level of security surrounding your computers. In the case of a home network, it means defending the wireless access point and also defending individual computers. There are five basic steps to secure your data in a home network. They’ll help keep your work data and your personal data secure.
- Turn on encryption on the wireless router. Encryption is like having your own magic decoder ring. It keeps other people from reading your data. Use Wi-Fi protected access (aka WPA) encryption if you can, but the older, standard wired equivalent privacy (or WEP) is better than nothing by a long shot. The setup is a bit of a pain as you need to copy a key from the wireless router to each computer, but modern wireless routers have made the process much simpler.
- Turn off the SSID. Each wireless router has a name called the service set identifier. The SSID is like an address that is broadcast to the world by the router. At the cost of having to copy the SSID to each computer, you can turn it off. While a clever hacker can still get the SSID, it makes it less obvious that you have a wireless router. Defense in depth, remember? At the same time, you should change the SSID name from the manufacturer’s default. Don’t change it to your name or address, change it to some random five-digit number. The last thing you can do is turn down the power. Most wireless routers allow you to decrease the amount of broadcast power you use. Turn it down so it just covers your house.
- Use a VPN tunnel to talk to work computers. A virtual private network is like a secure tunnel from your computer all the way to your work computers. It’s a very safe way to transmit sensitive or confidential data from servers to your computer. Even if you’re on an unsecured wireless hotspot at your local coffee shop, you can be secure with a VPN tunnel.
- Turn on the Windows firewall and have antivirus and malware scanners on all computers. This is more defense in depth. Even if the hackers get through your wireless router and into your network, you can still stop your computer from being turned into a zombie that’s used to send out spam. It’s estimated that there are more than 18 million home computers in the United States that have been taken over by hacking networks. Keep your security software up-to-date. Save your work computer for work and keep the kids on their own machine.
- Back up your data. Disasters happen. Computers get infected. Coffee gets spilled. One of the most important things you can do cheaply is backup your data periodically. Remember, you can replace the computer much more easily than you can replace your data.
Putting a little care into the design and implementation of your home wireless network can make your home computing environment much safer for both your company data and your personal data.
John C. Shovic is a partner at MiloCreek Consulting in Coeur d’Alene, Idaho.