Earlier this month was Safer Internet Day, which is focused on educating and creating awareness for a safer internet. As Dayton’s only local ISP (Internet Service Provider), DataYard knows the importance of internet safety and security. While we do our part to keep the internet safe as a provider, the only one who can keep your home and your family safe on the internet is you. Don’t worry DataYard is here to help you make IT better.
These are all suggestions that we believe to be the best option within reasonable expectations, these are suggestions where economically and technically feasible.
Defining Home Network.
DataYard defines a home network as the primary private network that an individual uses to access the Internet when in their home. Home networks do not include public carrier networks (LTE, 4G, 3G, etc.), public hotspots or public Wi-Fi access points (hotels, coffee shops, airports, etc.) The definition of a home network is limited to private networks typically controlled by you at your residence.
One of the major considerations of securing a private network is wireless (Wi-Fi) security. DataYard recommends periodically changing SSID names, changing Wi-Fi passwords, and utilizing the current wireless security standard WPA2. WPA2 uses an encryption that encrypts the network with a 256-bit key. As an additional layer of security, you could implement MAC address restrictions to restrict access and further security private network.
Stay Up To Date
On any device that is accessing the internet through your home network it is important to be using the latest Operating System (OS). Keeping the OS updated will ensure you have the most recent security features enabled by default and prevent common attacks. In addition, making sure that all software and applications are up to date will prevent outdated software breaches.
We highly recommend deploying a physical firewall between the internet access connection and the internal network/device(s). This could be accomplished by deploying a router with an integrated firewall (Best Routers in 2018). By default, these devices will filter incoming access to the private network, excluding normal operating protocols for accessing Internet resources. Many internet service providers supply a modem/router combination device, in which case you should ask for administrative privileges to make adjustments where necessary.
Remote Access for Home Networks
It is increasingly common for users to allow remote access into their home networks for various functions, applications, and systems (IOT, Home Security, Media Centers, etc.). In order to provide remote access to these various technologies, users may open various ports/protocols on both the filtering devices and the end devices. In these scenarios, we strongly encourage you to:
- Allow remote access to the system only when required
- Restrict access to IP address, ports and protocols as much as possible
- Perform IP filtering when technically feasible
Additional Security Measures
Additional best practices include regarding securing a private network include the following:
- Keeping all internet capable devices up-to-date with security patches
- Changing the default privileged edge password of all devices on the private network
- Using strong and complex passwords for access to home equipment and devices
- Maintaining active anti-virus and anti-malware on all applicable devices
- Implement Full Disk Encryption (FDE) on Laptops
If you’d like to learn more about securing your home network or how to maximize the security of your online presence please feel free to reach out to us on social media or at firstname.lastname@example.org.