Securing Your Home Network: Here's What You Need to Know

​​​​​​In last week's blog article, "Maintaining Your Security Posture While Working Remotely", we discussed best practices to maintain a strong security posture while working remotely. Today, we'll cover best practices for home network security, which is especially relevant today considering so much of the workforce is telecommuting from home. 

Scan your home network for devices and vulnerabilities.

Just as with corporate networks, it is important to scan all of your devices for vulnerabilities and ensure that they are running the latest software. These days, it’s common for homes to have 10-20 devices, all of which could become a target and a vector to the rest of your home network. You probably have some devices that you didn’t know about and others that you didn’t realize could have vulnerabilities.

Most corporate managed devices will likely have their own update policies, but for personal home devices, it is generally safe to run updates on your other devices like home PCs & laptops, entertainment devices (DVRs, Apple TV, Amazon Fire Sticks, etc.), personal assistants (like Alexa), and printers. It is also important to update the software on your WiFi router, however, care must be taken to perform the update correctly or you could leave your home disconnected from the Internet. If you are uncomfortable performing this update, you should seek the help of a technology professional.

For those who don’t have a good grasp on what is in your house, the free Bitdefender smart home scanner is a tool that can help you find your devices and common vulnerabilities. This should NOT be installed on a corporate managed device as it could inadvertently scan your corporate network and trigger security alerts. The best choice for installation would be on a personal Windows PC that’s always at home.

Use OpenDNS to block malicious sites.

The Domain Name System (DNS) is like the phonebook to the Internet. It is the service that translates domain names like espn.com or cnn.com to IP addresses. These IP addresses are then used by browsers and applications to communicate. OpenDNS is a service that in addition to providing standard DNS services, blocks lookups of many sites that are known to be malicious. This is an important layer of defense against many types of attacks such as browser drive-by malware and phishing links in email. Eze Castle uses a commercial version of OpenDNS to protect our Managed Cloud Solutions.

OpenDNS is free to use at home. Installation instructions can be found here. We strongly recommend that you use the home router option. Please do not attempt to configure OpenDNS directly on devices such as phones, laptops, or PCs, as this could conflict with existing configurations. 

To check your current DNS provider on any device, you can browse to: http://www.whoismydns.com/

Be mindful of who you let on your home network.

Keep a close eye on who you allow on your home network, as malware can jump from device to device on your WiFi, and you don't know where others' devices have been. Having a guest WiFi account for your home wireless router can help mitigate these risks.

And as always, don't use default passwords for any device, whether it's a personal computer, WiFi network, or IoT device!