If you have employees or business owners working some or all of the time at home and rely on an internet connection, they’re at risk of being compromised. At your workplace you’re more likely to have stricter security in place than at home, especially if you have a large number of employees outside the business firewall.
The key risk
The main risk is an honest mistake, such as clicking on a scam email. But everything that comes in and goes out of your home wireless network goes through your router, which needs to be secure so people can’t access your home network without your knowledge or use your Wi-Fi for free.
Other risks include someone gaining access to your network or your devices, or an attacker uses your devices as part of a denial-of-service attack, where many computers are joined together to attack someone else.
How to protect you and your employees
There are a number of things you can do to make your home environments safer:
- Change the default login details (both the username and password) to something more secure and is specific to your business. Most routers come with default login details that are set by the manufacturer. Often, all devices of the same model will have the same default username and password.
- Change the name of your home wireless network as if an attacker knows what make and model your router is, they'll also know if it has any vulnerabilities which the attacker could use to access the network without your knowledge.
- Make sure the name you choose doesn't include any personal information. For example, don't include your name or home address as part of the network name. That way, no one can see that it belongs to you.
- Set a new password for your home wireless network that at least 12 characters, including a combination of lowercase, uppercase, and special symbols for network devices such as routers.
Email password compromise
If someone got hold of the password for your email account, chances are:
- It’s the same password for your social media accounts, giving an attacker access to your contacts and personal information.
- Work, contract, pricing, or other sensitive information might be stored in your account
- An attacker could send emails that look like they come from you containing links to download malware, such as ransomware.
- An attacker could use the 'forgot password' option on your other accounts to reset your passwords and lock you out of your accounts.
Attackers can do a lot of damage with very little effort, and the damage can take years to fix. Tips to keep business emails safe:
- Use a different password for every online account you have, as many of us use the same password for all our accounts.
- Make sure your original account password is long and strong, An easy way to create a good password is to make a passphrase made up of four or more random words. Always use words that are random to you, and don't use family names, birth dates or addresses as this type of information is easy for people to find.
- Have multifactor authentication turned on.
- Don’t use personal information as it’s easy to find online, especially if you use social media. Details about you, like your date of birth, your address and even your pet’s name are the first thing attackers check when they’re trying to hack into other people’s accounts. So, if you share pictures of your dog online, make sure you don’t use your dog’s name as your password too.
- If you’re worried about remembering your passwords, a password manager can create, save and manage your passwords for you.
Remember, don’t share your passwords with anyone — including your family, friends and colleagues.
Keep all security up-to-date
Anything you use to connect to the internet through your router needs to have software updates applied to it. That means mobile devices as well as those that stay in your home like your desktop PC or printer, for example. Be sure to update your operating systems and apps whenever new versions become available.
Software updates often fix security vulnerabilities in operating systems or apps that attackers could find and use to gain access to your network.
Enable a firewall
A firewall provides security by monitoring the traffic that goes in and out of your home network through your router. It stops insecure or unwanted traffic entering the network and allows legitimate traffic to flow in and out freely.
Most routers come with a firewall that has preset rules for how it will manage your traffic. Enabling it will help stop attackers connecting to, or attacking, your router from the internet.
Create a guest WiFi network
Most WiFi routers can provide a 'guest' network that can be used to keep your business laptop and mobile phone away from other devices you can’t control. Keeping your personal devices on this guest network ensures that if they're compromised, your business laptop and business phone stay safe.
Next steps
- Depending on the cost, consider giving employees devices such as laptops or phones that are for work use only.
- Be aware the ‘internet of things’ is across much of our lives and will continue to be so. If you don’t need the features that use the internet, like voice activation, disable them.
- Be aware any new devices you buy probably come with a default password that might be easily found on the internet.
- If you’re unsure, get professional IT help.