Office of Information Security

January 26, 2024

Home network security

So far this year, we’ve posted tips for securing connectionsdevices, and UW NetID credentials, along with ways to spot scams and phishing attempts. We have one more resolution for staying Cyber Smart in 2024.

Resolution #5: Secure your home network

How much do you know about your managing your computer, router and other devices on your home network?

Now is a good time to learn as much as you can!

It’s important to check with manufacturer recommendations for configuring and managing your devices at home.

Here are some tips to get you started:

Computers and laptops

  • Update and patch. Keep computers, devices and all applications up to date.
  • Use antivirus software and keep it up to date. Sophos Home Premium can be downloaded for use on personal and UW-owned devices.
  • Secure your connections. Use a virtual private network (VPN) service, such as Husky OnNet.
  • Enable the firewall on your devices. Default firewall settings are acceptable for Macs and Windows machines, but verify that they are turned on.
  • Learn more about securing laptops and devices in our Securing Laptops Risk Advisory.

Routers

  • Make sure you change the default name on your router to something unique and change the default administrator password on the device.
  • Use the strongest form of encryption that you can. Wi-Fi Protected Access 3 (WPA3) Personal Advanced Encryption Standard (AES) and Temporary Key Integrity Protocol (TKIP) is currently the most secure router configuration available for home use. Both WPA2 and WPA3 are preferable to WEP.
  • Require a password for users; don’t leave your WiFi network open. Just like with other devices, use strong, complex passwords.
  • Use a guest network so that visitors have their own password. A guest network can be used for IoT devices as well.
  • When it comes to firmware, it’s especially important to keep your router updated. How hard or easy it is to keep the firmware updated depends on the device, so check with the manufacturer.
  • You may see guidance that says you should hide your network name, or the SSID. If you read up on it and decide you want to hide it from view, that’s fine. But don’t assume that hiding your network will keep it out of reach from adversaries. The network can be reached in more than one way by those who have the right tools to find it. It’s more important to change the default name, require a strong password, use strong encryption, and to get to know more about the administrative interface than to hide the network name.

For more tips on working from home, see our Working Remotely online training.

Resources

CISA: Home Network Security
NSA: Best Practices for Securing Your Home Network