Home Others Business Cybersecurity Starts With Your Router: 4 Tips To Secure It

Business Cybersecurity Starts With Your Router: 4 Tips To Secure It



Cybersecurity has always been a top concern for small businesses but, in 2021, executives are more worried than ever before that their systems could be vulnerable to hacker groups. According to a recent survey, 78% of IT leaders don’t have confidence in their company’s cybersecurity policy, and just around 5% of company folders are properly secured. In the past year, thousands of businesses have forcefully embraced digital transformation on the fly, for fear that they might lose customers. But, without a long-term strategy in place and staff that often lacked digital literacy and basic cybersecurity knowledge, these businesses learned the hard way that rushed digital transformation can expose a company’s systems.

Over the years, the practices used by cybercriminals to access company data have evolved a lot, becoming more and more sophisticated. However, just because a hacker group knows how to brute force their way into a corporation’s systems, that doesn’t mean they’ll always choose to do this. More often than not, hackers are looking for easy targets, and the easiest targets are offices that did not secure their router.

Executives often overlook this, but that tiny blinky box isn’t just a way to connect company computers to the Wi-Fi network. It’s also a gateway into the Wi-Fi network, and you should make sure that not every random passerby can get into it.

Securing your work router is the first line of defense against cybercriminals. Here are a few tips on how you can do that:

1. Basic setup: change the router name, password, and default login details.

Before you make the router available for anyone to use, it’s worth going over some basic maintenance tips. Although routers can easily be used out of the box, keeping the default settings is basically an invitation for hackers to come in.

That being said, you should change three things right from the start:

  • The device name: Default router names such as Linksys, NETGEAR, Ziggo, and dlink not only make your network hard to find but also give cybercriminals a free sneak peek into the device you are using. When the model of the router is public, even a beginner can look up the instruction manual and find out how to gain root access.
  • The password: most business owners change the default router password (the one you need to connect your device to the Wi-Fi), but they don’t use good password habits. A secure password should be hard to guess, so a combination of uppercase, lowercase, numbers, and special symbols is your best bet, although it’s hard to memorize. To avoid data breaches, change your password regularly, and never, ever leave it lying around on a piece of paper where anyone can see it (or saved in a .txt file on the desktop.).
  • The default login info for the router: this is the username and password needed to get into the router settings. Most people forget to change it, and this makes it easy for hackers to get into their network. To change the default username and password, enter 168.1.1 into your browser, and you can access the control panel from there.

2. Disable WPS and limit DHCP range.

After changing your router’s default login details, you should change a couple of other settings: disabling WPS and limiting DHCP.

WPS, short for Wi-Fi Protected Setup, is an option that makes it easy for devices to pair to your network. But while it may be convenient, it’s a massive security vulnerability that weakens your network and allows hackers to get it without effort. To turn off WPS, browse through your router’s advanced wireless configuration options.

DHCP (Dynamic Host Configuration Protocol) allows you to select how many devices can connect to your network. By limiting the DHCP, you’re basically restricting access, which makes it harder for hackers to get in after the maximum number has been reached. You can even turn off DHCP completely, so that people can’t connect to the network unless you give them the IP, but this can be very time-consuming.

3. Set up separate networks for clients and staff.

If your business works directly with customers, such as in the case of a retail store, café, or lawyer’s office, giving them access to free Wi-Fi is a nice perk. However, when customers and staff use the same Wi-Fi, that will significantly slow down the network and offer easy access into your private company folders. To avoid cybersecurity incidents, set up two separate networks: a public one for guests and a private one for employees. You’ll still need to take the security measures above for each one, but by having two different networks, you’re reducing the risk of a breach considerably. Most hackers target public networks and, in the event of a hack, at least you know that business data isn’t easy to reach.

4. Check firmware updates.

If you have an antivirus (and you should!), you’ve probably noticed that the virus database updates regularly to detect the latest threats. But did you know that this is not enough to guard you against cybersecurity threats? Your router also has firmware, which should be updated to protect the device from all sorts of bugs and cybersecurity threats. Some router manufacturers update the firmware automatically, but this isn’t a rule. To be extra safe, you can do the updates manually. Also, if you have an older router that doesn’t have the WPA2 encryption protocol, check to see if you can update to it manually. If that’s not possible, it’s best to switch to a newer router. Many people assume that you should only replace your router when you’re no longer happy with the speed, but the upgrade is also worth it if you care about cybersecurity.

As a final word, remember that these steps will only help you as long as you train your staff to follow basic cybersecurity practices. Many hackers rely on social engineering rather than brute force to get into a company’s systems, so make sure employees don’t leave login credentials around the office or give them to unauthorized people.

[Image credit: canbuyornot.com]