How To Improve Router Security To Keep Your Business Safe
The broadband router is not only our gateway to the internet, but it is also the internet’s gateway into our home. Just like you wouldn’t leave your door open for anyone to come in, you shouldn’t leave your router open for anyone to access. Unfortunately, too many people do exactly that.
Left unprotected, a router could allow a hacker to access all computers, phones, and tablets connected to that router. They could steal data, your identity, place malware on your devices or worse.
While all that sounds serious, there are some simple changes you can make that can avoid the vast majority of these risks. This article will walk you through them.
Why you need to secure your router
Research from Broadband Genie found there could be millions of vulnerable routers in the UK, mainly because people don’t know how to make basic changes to secure them.
The survey found that:
- 82% of respondents have never changed their default login
- Only 31% changed their Wi-Fi password
- Only 18% changed their administrator password
- A mere 18% changed their Wi-Fi SSID
- Only 14% updated their router firmware
- Just 30% have ever checked to see what is connected to their network.
- 51% of all users surveyed had not done any of these things!
Hackers can use a number of ways to access your network. They are often referred to as attack vectors, methods of entry into your network. Smart devices can be hacked to listen or record you, webcams can be remotely activated, digital personal assistants can be hacked to access your personal data and a range of other attacks can steal your identity, access bank details and all manner of personal information.
Typical router attack vectors include:
- Default router usernames and passwords
- Remote access
- Insecure Wi-Fi networks
- Outdated router firmware
- Guest networks
We are going to walk you through each of these attack vectors and show you how to secure your router from them. That way you can avoid 99% of security risks you face.
Router security basics
Now you know the risks, what can you do about them? The following are some very straightforward steps you can take to improve the security of your router by a significant margin.
As every make and model of router is different, you may find certain settings are called different things or are located in different menus. That’s fine as every router manufacturer does things their own way. As long as you can identify the setting from somewhere on your router and save every change you make, you should be fine.
Default router usernames and passwords
Many ISPs supply routers with default usernames and passwords. Those same details will be shared across many thousands of routers and will be well known to hackers. The first step in securing your router will be to change this login and password. Some routers allow you to change the username, others only let you change the password. Do what you can with what you have.
The username and password will often be found under the Administration menu. Change the password to something very secure. Better still, use a passphrase, a collection of words you are likely to remember.
- Log into your router. There should be a sticker somewhere on it with the default login.
- Find the username and password in the menu and change it to something complicated but memorable.
- Save the change.
This one change can increase your network security significantly.
Many routers will come with remote access enabled. This is to allow your ISP to connect to your router to help troubleshoot issues. It could also allow a hacker to access your router. Navigate your router menus until you find a setting called ‘Remote Access’ or something similar. Uncheck the box next to it or disable it and save the change.
Insecure Wi-Fi networks
Wi-Fi networks may also use a default login and password leaving them vulnerable. Changing them will be a considerable improvement in your network security.
1. Log into your router and access the Wi-Fi or Wireless menu.
2. Choose a new Wi-Fi password that is easy to remember but hard to guess.
3. Change the Wi-Fi SSID if you like. This only makes a modest difference to security but every little helps.
4. Make sure the Wi-Fi encryption is set to WPA2 or, if available, WPA3.
Older routers use WEP encryption which is very weak. The newest and most secure standard is WPA3, though the most common standard is currently WPA2. This encryption is invisible to users but offers much more security when properly configured
5. Disable WPS if you have the option to.
Wi-Fi Protected Setup (WPS) was designed to be helpful but is a weakness in router design. Unless you want people to press a button on your router for instant access to your Wi-Fi network, turn it off.
6. Turn off any guest networks.
Guest networks are often disabled by default as most home users don’t need them. While you’re in the Wi-Fi menu of your router, check to see if yours are enabled or not. Disable the guest network if it’s active or leave it alone if disabled.
Outdated router firmware
A router runs on firmware which can be updated like Windows or your phone operating system. Those updates can include security upgrades, vulnerability fixes and extra features to help keep you safe. Older firmware can potentially leave your router vulnerable so it’s worth updating it.
Some routers can do this automatically while others require manual installation. Check your router’s Administration menu. If it says something like ‘Check for updates’ your router can identify and download its own firmware. If it says something like ‘Upload router firmware’ you will have to identify the make and model of your router, visit the router manufacturer’s website and download the latest firmware.
Check attached devices
To keep an eye on what devices are connected to your router, you can look at the network map. Your router may call it a network map, attached devices or something else. You should see your router and any computers, laptops, phones, Sky boxes, smart TVs and anything else you use to access the internet.
Keeping an eye on attached devices is a good way to identify quickly if someone else has access to your network. If you see a device you don’t recognise, you should have the option to remove it. Do so and change the Wi-Fi password so they cannot reconnect. It isn’t fool-proof but can be effective at monitoring who is using your network.
Start Taking Bookings Online
Create your branded online booking page, benefit from automated SMS & Email reminders, rid your business of wasted time, and reduce appointment no-shows by up to 90%.
No credit card required; free & easy setup.
Jamie Kavanagh worked as a network and server engineer for Cable and Wireless for over a decade before deciding he preferred writing for a living. He is passionate about making technical subjects understandable to all and spends his time writing technical articles, training courses and blog posts.
He has written for PC Gamer, Tom’s Hardware, TechJunkie, Hilton Hotels, DHL, Dyson, and others. He lives in Cornwall with his family and runs Coastal Content, a small business content marketing provider.
Looking For The Best Scheduling Software?
See how we compare with our up-to-date comparison guide!
Over 500 Integrations
Get even more from 10to8 with integrations and apps designed to grow your business.