Effective router security tips
Gone are the days when you had to configure your router's settings using primitive, DOS-like menus! These days, manufacturers make it really easy to tweak routers using easy to understand settings, and sometimes even cleverly designed mobile apps.
And yet, most small business owners purchase a router, set up a password for their Wi-Fi network, and then call it a day. It is true that most entrepreneurs are very busy, but if you take the time to set up your device properly, you will save a lot of time and headaches later on.
Evil people are lurking on the interwebz, trying to hack your router, and then get access to your company's data. Some of them may use a wardriving machine, a specially designed laptop that works in conjunction with a GPS, mapping out all the wireless networks in the area. Others may be thousands of miles away from your office, but use software that tries to make use of unpatched router vulnerabilities, and so on. So, let's see what can be done to protect your router.
First of all, log into the admin panel. It's easy to do that by using the default user and pass, which are often set to admin/admin. As you can imagine, routers who use this combo are very easy to hack. So, be sure to change them right away.
Some routers utilize predefined user names that can't be changed, and this is a pity, because hackers have access to huge, up-to-date databases that include predefined router user names and passwords. Let's hope that your router doesn't fall into this category, though; most modern devices accept custom user names, which can have up to 32 characters.
Choose an uncommon string of characters for the router admin name. Pick "gx81Q32jY” as your "user”, for example; hackers won't have any chance to guess a name like that. Then, choose a long and strong password, which makes use of all the available characters. Write it down and you won't ever have to worry about forgetting it; you aren't going to use that password too often anyway.
It's time to choose a hard to crack Wi-Fi password. Pick a long, complex password; WPA2-PSK (the only secure option at the moment) allows you to use passwords that can have up to 64 characters, so set up, and then write down a pass that's got at least 20 chars. Wi-Fi network names (also known as SSIDs) don't matter too much; they are visible to anyone, though, so don't choose a SSID name that gives away too much information. Use something like "MikesNetwork”, rather than choosing "XYZCompanyAccounting” for your wireless network name.
Update your router's firmware; it is essential to do that, because responsible router manufacturers patch their products as soon as they discover new security holes. Most of the time, you will find the router update button, often labeled "Check for upgrade”, in your router's "Advanced” settings. It's true that some manufacturers don't provide this convenient option; if this is the case, you will have to visit their websites regularly, download the firmware file, and then upload it to your router. It's easy to get sidetracked and forget to patch your router regularly, but it's essential to do it, so be sure to make room for this activity in your busy schedule. Alternatively, your can use our network maintenance services ;)
Disable Wi-Fi Protected Setup (WPS). It helps new devices connect to existing wireless networks quickly, by utilizing a simple pin, but it will also make it really easy for cyber criminals to join your network, and then get access to all its shared resources. Yes, you will have to input that complex Wi-Fi password each time you connect a new device to the network, but I guess that you won't have to do that on a daily basis, right?
Turn off the wireless component of your network when you aren't using it. Some routers have built-in scheduling systems which allow you to disable Wi-Fi at night, for example, and this make it impossible for nocturnal wardrivers to penetrate your network.
Finally, set up a guest network for your guests; don't give them access to your company's Wi-Fi. Most routers make it easy to create guest networks that will self-destruct after a few hours, so be sure to make use of this feature.