As technology moves on we get more and more dependent on our internet connections and the reliance on WiFi, both at home and on the road. If you scan around various neighborhoods including your own, you will see how many unsecured Wi-Fi routers there out there. Although many of he new routers come with a setup wizard to walk you through the basics, many people end up just taking things out of the box and plugging them in without the basic configurations being completed. In addition, many of these setup wizards do not go through some of the options that are needed for the extra security. I assembled a list of the most common things that are recommend, in addition to what I practice in efforts to establish some basic security practices. Below is a list of common security precautions as well as some basic practices to better provide data security, and to help protect you against potential danger. I will caveat this by saying that this is by no means a full comprehensive list, and it is just touching the surface. Remember that you can never be too cautious. The intent is that hopefully using a combination of these things will help provide you with the best opportunity to protect yourself both at home, and when you are on the road.
Home Router Basics
For starters, you have to have at least some basics settings in your wireless setup. Assuming you are using a wireless router or access point, here are some of basics you need to do.
- Use WPA/WPA2 security settings in your router. There are too many routers to cover all of them so below are some screen shots from my old DIR-655.
- Set a strong password for both administrator access to your router, and your wireless access itself. Do not use the same password for both.
- Change and hide your SSID. Never use the default SSID and once you configure it, disable the broadcasting of the SSID (Invisible). This helps everyone from seeing that you have a wireless router and keeps the casual prowler from an easy target.
- Do not give out the wireless password to guests in your home. If you have people come over often that need internet access, setup a guest network with a different password. Most current routers support this feature. This will isolate the guests from you internal network which provides extra security.
- Disable UpNp. This mainly protects against ill behaved apps and in-system exploits, should you get a virus or other malware.
- Consider if feasible setting operation times in your router. (See you router documentation to see if your router supports this feature). If you are not home for most of the day, set the router to block traffic during those times when you are not home.
Tips for Public WiFi
- Pick a secure network if possible when selecting a hotspot. Many companies such as Time Warner or AT&T offer free hotspots that require a login. They are not totally secured, but they are often better than something you hook up to at Mc Donald’s or Starbucks.
- Set your computer’s network “location” when prompted to “Public” as this tightens up your computer settings when in a public setting
- Whenever possible, setup and use a VPN. There are many ways to do this for free with products like Logmein Hamachi or OpenVPN that do not require any special hardware. Alternatively you can use a super router like pfSense or Untangle. (See my write up on Untangle)
- Do not save passwords when you login to any system or site
- Use HTTPS and SSL when you can (Gmail, Twitter and Facebook have settings for this)
- Use a a firewall and antivirus software. Don’t use you computer in a public place without some sort of firewall and antivirus. There are paid versions such as Norton’s Internet Security or you can use Microsoft’s security essentials along with the Windows firewall. You have to decide what you are comfortable with, but use something
- Always keep your computer updated with all the latest security updates
General Precautions for your data
Below are a just few of some of what I consider mandatory precautions. In today’s environment, you can never be too careful.
- Always backup. Have at least 3 copies of your critical data. You do not have to spend a fortune to insure security. You can simply use a USB/NAS, offsite hard drive, and a cloud service like Crashplan. Your goal should be to have one local copy, a second copy offsite/local, and a third to the cloud. (see my backup strategy)
- Use TrueCrypt for encrypting private data. This is especially critical on laptops. You can simply create an encrypted “Volume” and do not have to encrypt the entire drive. The volume can then be backed up or copied to other systems and even used on portable drives. (visit: Truecrypt.org). The program is free is considered to be one of the best. It is very configurable as well as flexible.
- Do not use auto login on your computers, especially laptops. Set the laptop to log out when going into sleep or power saver, it offers an extra level of protection.
- Use complex passwords. You can explore various password managers as there are several very good ones, or come up with your own scheme. Avoid using the same password for multiple sites in the event one gets compromised.
Nothing is absolute when it comes to security but at a minimum if you follow some safe computing, you stand a fighting chance. Many attacks can be prevented by not making it easy on prowlers to get to your stuff. Nothing is fool proof and a true professional will get through almost everything, but following some basics, you could avoid many common disasters.