How to Secure a Home Network

Install licensed software only on all computers connected to the network. Pirated software is vulnerable to security threats. Download patches as and when the vendors release them.

Secure all hosts by installing anti-virus, anti-spyware, anti-phishing and anti-spam programs and a firewall on each machine. Make sure to use latest versions of these tools. Install patches and new releases as soon as they are released.

Create unique user accounts for all users so anybody working on a computer is required to enter his or her username and password before getting access to the network.

Maintain logs of user activity. This is especially important when the network is connected to the Internet. Several tools allow you to manage logs.

Take regular backups of data on all computers.

Shut down all hosts and networking devices if you are traveling or will not be using the network for extended periods.

Change the default login information soon after setting up and configuring the Internet connection.

Avoid remote administration of the network or any of its hosts.

Ensure that the network is protected by a firewall. You can also use the Windows firewall which is included with all licensed Windows operating systems. Other firewalls can also be deployed.

Use a router to connect a network to the Internet. All routers come with some form of firewall automatically providing a layer of security to the network. Additionally, routers are a good means of sharing one Internet connection among multiple hosts. Routers support several other features beneficial for a network, wired as well as wireless. Routers used in wired networks are different from those used in wireless networks.

Feed MAC addresses, unique identifiers of networking devices, into the router and access points so they can identify invalid hosts from those forming the network.

Disable mobile coding that uses ActiveX, Java and JavaScript especially from sites you do not trust. This restricts outsiders from running malicious code on your PCs.

Disable SSID broadcast if the network is wireless. Generally, routers and access points regularly and automatically broadcast the SSID making it useful in mobile hotspots where consumers come, use the service and move on. Disabling the SSID, particularly in home offices hides the network from prying eyes though it can still be detected by other means.

Change the SSID, network name of the router and access points, immediately after setting up the network. The default SSID for ease of configuration is a simple name, which the hackers can easily determine.

Avoid using dynamic IP addresses. Their ease of use also makes them an easy target. Instead, use static IP addresses for network hosts.

Use devices that support at least WPE for a wireless network. WPE is a data security protocol especially designed for wireless networks. WPA and WPA2 provide enhanced security. Same levels of data security can be maintained by using equipment conforming to the same security protocol.

Minimize leakage of wireless signal by placing router and access points in the center of your home. Setting up these devices in a balcony or near a window/door sends the signal outside, where it can be easily used by other appropriately configured devices.