Securing Home Networks – Overview and Supporting Materials
GW IT Risk and Assurance provides various information and resources through workshops and webinars as well as posts to our blog site. The team has compiled an overview of home network configuration focus areas and recommended changes. This summary aligns to the Cybersecurity@Home Cyber Talk presentation. Additional information is available on our in-depth Cybersecurity@Home page
Increasing Scope and Complexity of Home Networks
Internet Connectivity Creates Potential Global Access to Home Networks through Gateways or Routers
- Home network front door to the globe
- Threat – devices are targeted directly; potentially providing attackers access to in-home devices, data, network activity
Wireless Services Expose Home Network Outdoors
- Most home networks have WiFi services enabled
- Threat – attackers and even pranksters can attack your network wirelessly from near your home
Securing Gateways / Routers
- Change administrative credentials from default username and password
- Set strong connection password (different from admin)
- Enable WPA2 encryption or ideally WPA3 standard, if available, avoid WEP.
- Change network name, or SSID, default names provide attackers information
- Don’t use identifying information (names, street or apartment numbers)
- Investigate / Set Parental Controls – applied to all or select devices
- Configure Guest Network
- Separate guest access from primary home network; could be used for some smart-home or IoT devices
- Use 5GHz band Wi-Fi not 2.4GHz band (all devices must support 5GHz)
- 5GHz band signal travels less distance than the 2.4GHz band
- Disable Wi-Fi Protected Setup, if possible
- this capability can expedite initial setup, disable when not connecting devices.
- Disable remote administration of firewall and router devices if not required.
Internet of Things (IoT) Safeguards for Home Network Security
Excerpted - 20 Expert-Approved Tips for In-Home IoT Security Forbes online 2024
Selecting IoT Solutions
- Research Known Vulnerabilities – Google Before Purchasing
- Learn Device [Security] Capabilities During [Before Purchase and] Setup
- Buy Encrypted, Secure Versions Of Devices
- Review Security Standards Prior To Purchase
- Question Overly Complex or Intrusive Devices
Securing IoT Solutions
- Change Default Passwords and Enable Multifactor Authentication
- Establish Separate Passwords and Networks
- Review And Limit Data and Service Access
- Disable Features You Don’t Use – Does everything need connectivity?
Maintaining Secure IoT Solutions
- Monitor Network Traffic
- Ensure Awareness Of All Home Connected Devices
- Update Firmware Regularly
- Use a personal VPN on connected computers – consider a VPN for Home Network
Securing Home Networks – Parental Controls
There have been parental controls for television content for many years. Similar in context to television parental controls, both devices and your home network have settings for parental controls. This post addresses resources available from service providers and vendors.
DMV Internet Service Providers (ISPs) – Parental Control Resources
Internet Service Providers (ISPs) are core to internet connectivity and network security at home. The following information focuses on Parental Control solutions available from the primary internet service providers in the DC, Maryland, and Virginia area. The following resources are specific to implementing Parental Controls on ISP provided gateways (also known as routers).
-
- Verizon FIOS ‘How To’ resources – some resource links require Verizon accounts
- Xfinity Hub Parental Controls Discovery Hub – also see content in ‘more resources for parents section’
- COX Panoramic Gateway additional parental control configuration information
- COX how-to - Using the COX Panoramic WIFI APP
Note – some ISPs provide additional software to subscribers. For example, Cox provides a Cox Security Suite that offers additional controls. ISPs may also provide device security software such as antivirus or antimalware.
More information available on the CyberSecurity@Home page and through our Webinar offerings.
This content is presented by the GW IT Cybersecurity Risk and Assurance team. #SecuringGW is a shared responsibility, if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse[@]gwu.edu.
IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp[@]gwu.edu, or visit ithelp.gwu.edu
