← Blog Home

How to Secure the Wi-Fi Router in Your Home

2 min read

How to Secure the Wi-Fi Router in Your Home

These days, most lawyers are taking appropriate steps to see that all work-related servers, computers, mobile devices, and cloud-based apps are properly secured.  Unfortunately, the same can’t be said about all their personal devices and accounts.  Admittedly, while more than a few give it the old college try, one personal device that is often overlooked is the wireless router in their homes.

Even if the amount of time spent working from home is minimal, all lawyers and staff need to make sure this device is properly secured.  Not only is such a step now ethically mandated in a number of jurisdictions; but your clients expect you, as their lawyer, to take whatever reasonable steps are necessary to keep their personal information and your communications with them secure.  Given that much of the workforce shifted to working from home in 2020, securing home routers has become particularly important because cyber criminals have shifted their focus to home devices.  Heaven forbid your home router, or the home router of a staff person, ends up being the weak link that enables a successful breach into your office network.

The good news is that you don’t need to be an IT security expert to take care of most of the basics.  Start by pulling out your instruction manual.  If that’s no longer available, instruction manuals are often available online.  Just do a search for it using your router make and model number.  With that in hand, make sure to address the following recommendations if they have not already been taken care of:

  1. Because the default administrative username and password are easy to guess, you should change both.  Best practices now call for a complex password of at least 20 characters comprised of uppercase and lowercase characters, numbers, and symbols.  And since many router manufacturers all set the default username as Admin on all their devices, pick a username that’s unique to you.
  2. Change the network SSID (the name of your network) defaults.  Every router comes with a default network name.  Change it to something unique to you but don’t have it be something that might identify you.  As with the router’s administrative password, also create a similarly strong network access password.
  3. Set up a guest network with its own unique SSID and password because all guests, including friends of any kids, should never have access to your home network.
  4. Make sure the firmware version of your router is current.  Update to the most current version if it isn’t already updated, because version updates are how security patches are delivered to your router.  If your router has an auto-update option, make sure that is enabled.  If no firmware updates have been released in the last 12 to 18 months, replace your router with a newer model.
  5. Confirm that the network authentication method is set to WPA2-personal, or even better, WPA3-personal if that option is available.  WPA3 is the more secure encryption language of the two.  If neither of these options are available on your router, replace your router with a newer model.
  6. Turn off UPnP (Universal Plug and Play). Yes, I know this can make connecting new devices to the network less convenient; but leaving it on provides hackers an access point that can be used to insert malware on to your network, including things like programs that seek to capture login credentials to your bank accounts.

There are additional steps one can take to further secure a home router but a follow-through with these most basic steps will go a long way toward seeing that your home router is properly secured.  That said, one final note.  I know that keeping track of long complex passwords can be a stumbling block for some.  That problem can be easily solved with a password manager.  Given all the login credentials we’re all trying to manage nowadays, the use of a password manager has quickly become a true necessity.

printfriendly-pdf-button-nobg-md-Nov-01-2022-08-44-54-4335-PM

 

Since 1998, Mark Bassingthwaighte, Esq. has been a Risk Manager with ALPS, an attorney’s professional liability insurance carrier. In his tenure with the company, Mr. Bassingthwaighte has conducted over 1200 law firm risk management assessment visits, presented over 600 continuing legal education seminars throughout the United States, and written extensively on risk management, ethics, and technology. Mr. Bassingthwaighte is a member of the State Bar of Montana as well as the American Bar Association where he currently sits on the ABA Center for Professional Responsibility’s Conference Planning Committee. He received his J.D. from Drake University Law School.

The Nuts and Bolts of Mobile Digital Forensics for Criminal Lawyers

8 min read

The Nuts and Bolts of Mobile Digital Forensics for Criminal Lawyers

Digital Forensics Let’s start at the beginning. What is digital forensics? According to a 2008 US CERT (United States Computer Emergency Readiness...

Read More
How To Minimize The Risk Of Becoming A Victim Of Wire Fraud

4 min read

How To Minimize The Risk Of Becoming A Victim Of Wire Fraud

Updated 07/2023 Lawyers remain a high-profile target for scammers hoping to get away with wire fraud and the attack vectors they are using continue...

Read More
We Don’t Keep Client Personal Info, So We Don’t Need Cyber Coverage, Right? Wrong!

2 min read

We Don’t Keep Client Personal Info, So We Don’t Need Cyber Coverage, Right? Wrong!

Lawyers often share with us that, as they see it, they really don’t need a cyber liability policy. They seem to base this conclusion on the fact...

Read More