Secure your business Router: The Basics
“Perform these easy steps to add additional security to nearly any router”
Did you know that a wireless router can be the biggest security risk at your office? In our region, thousands of companies use a cheap wireless router to protect their network. They don’t realize that hackers and malware can often bypass them and hurt the business. What would a few days of network outage cost you? What would happen if your customer data was stolen? If you rely on a cheap wireless router, then these problems may be just a click away. You should never use a router to protect your network. However, if you are stuck with one, the following steps may help limit your risk. Steps to secure your wireless router You can find many of the settings described below by logging into your router’s settings page.
- Update the firmware Go to the router manufacturer’s website and download the latest update for your model. Apply the update in your router settings page. Check for new updates regularly.
- Require a password Require a password to use your wireless connection. Make it at least 10 characters long and use a mix of uppercase, lowercase, numeric, and special characters.
- Select WPA2 encryption Choose WPA2 encryption if your router gives you the option (do not use WPA or WEP, they are not safe).
- Change the name the service set identifier (SSID) is the name you see when the router is listed as an available wireless connection. Change this ID from the default to anything you like.
- Enable MAC address filtering by media access control (MAC) address allows you to set the devices that can use your network. For it to work, you must enable the filter and register the MAC address of each machine you want to allow.
- Disable remote administration This will prevent anyone from changing the router’s settings through a wireless connection. Only a machine plugged into the router with an ethernet cable will be able to login.
- Enable router firewall Ideally, you want a real security device to protect your network instead of a router. But, if you’re stuck with basic router security, then enable the firewall. It’s better than nothing.
- Disable all guest networks Some routers have optional wireless connections that allow people to join without a password, giving them internet access without access to other resources like shared drives. Disable this feature.
- Disable all other services, such FTP, that you do not use Every feature enabled on a router is another potential way for hackers to break in. Limit your exposure by shutting off all unnecessary features and services.
- Change the default IP address range By picking a custom IP address range, you can avoid attacks directed at the millions of routers that use the default settings.
- Enable HTTPS for administrative connections Not all routers have this feature, but if possible, only allow administrative access over encrypted, HTTPS sessions. This means you will access your router settings over a secure connection with “https://” in the address bar of your browser.
- Disable WPS Wi-Fi Protected Setup (WPS) provides an easier way to secure and connect to a wireless network. Though widely used on consumer routers, WPS is not secure, so disable it.
- Safely log out After logging into a router to check the settings, always (1) Log out and restart the device, and (2) Clear the cookies in your web browser.
We hope some of these changes make a positive change to your security. With all the Cyber Threats, it’s best to take full advantage of all the proven features of any security device.
Not sure how to do this? Call us for a FREE security checkup
The steps above will help secure your router, but it’s not enough to stop hackers, malware, and spam. For that, you need real network security. We have you covered. We are a leading provider of network security and IT services in our region. We protect small and medium-size offices from the most dangerous online threats every day.
Did you need additional help? Call us for a security review or schedule an appointment to have your configuration reviewed for best practices. Just contact us!