How to ensure perfect security on your network’s hub
Without a router, your internet connection won’t work. It ensures that all devices on your network receive data. This central component is also a key target for hackers and cybercriminals. Our tips will help you to boost security on your router.
- Update firmware on an ongoing basis: The firmware is the operating software of your router. Occasionally, it has to be updated in order to improve its stability, make new functions available, or eliminate gaps in security. If your router offers this function, enable automatic firmware updates. Then you will not need to bother with it anymore, and your router will always have the most recent software. Otherwise, you will have to check for updates on a regular basis and download firmware updates offered by the manufacturer as soon as possible.
- Change the wireless authentication key: Often, routers already have pre-set keys to secure the Wi-Fi network. Here, too, you should set your own strong wireless authentication key to provide your Wi-Fi network with the best possible protection. You should also take this opportunity to review the encryption settings for your Wi-Fi network. Currently, WPA2 encryption is recommended. Older standards should no longer be used.
- Disable functions that you do not need: Every router is shipped with a combination of default functions. They help you to start up the device as quickly as possible. However, that does not mean that the factory settings are also the most secure ones. Simply shut off all functions that you never use. For example, if you have not connected either storage media or a printer to the router by USB, you can shut off the network storage and printer function on your router. The WLAN function of a router can also be shut off temporarily if it is not needed.
- Change the administrator password: You can change the router’s options in your browser using the admin interface. Depending on the manufacturer, this interface is already secured with a password, or an admin password still needs to be set. It is crucial for you to set your own strong password in order to secure this sensitive area.
- Access the admin interface using https: If possible, the admin interface should only be accessed using an https connection. This ensures that anything input while you work on options will be encrypted. To be on the safe side, you should not have any other browser windows open while you are configuring the options.
- Check all connected devices: If the Wi-Fi network is not sufficiently secure, third parties can hack right into your home network. From there, attackers can then find other weak points. This includes attempting to change the router configuration. Check the list of connected devices regularly to see whether the only devices assigned to your home network are your computers, smartphones, and the like. If the router offers this function, limit use of the network to “known devices”, assigned by way of their MAC address.
- Enable security functions: Depending on the model and manufacturer, devices offer a number of security functions. Study the documentation of your device and turn these functions on. These also include the built-in firewall or functions that protect you from denial of service (DoS) attacks.
- Disable WPS: Wi-Fi Protected Setup (WPS) is a standard intended to make it especially easy to connect new devices to the Wi-Fi network. All it requires is for a button to be pressed on the router or a simple numeric PIN – one that is also printed on a sticker right on the device. However, connecting to a Wi-Fi network by entering the authentication key is not especially difficult, which is why the German Federal Office for Information Security (BSI) recommends disabling WPS.
- Disable UPnP: The Universal Plug and Play standard allows devices on your home network to change the configuration of your router without your input. This standard is already somewhat outdated and affords almost no security. It allows devices on your home network to expose themselves on the internet on their own, making them accessible – and thus open to attack – from anywhere in the world. This is why you should definitely shut off the UPnP function on your router if this function is available.